GET nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
200 OK 25 kB URL User Request GET HTTP/2 nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint1F:9F:66:61:40:8F:19:DE:30:44:23:EA:EB:6E:C0:FC:6D:58:69:25
ValidityMon, 16 Oct 2023 08:08:16 GMT - Mon, 08 Jan 2024 08:08:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10840)
Hash a2197fceaad33c51a316439206bef6dc
07bd2e7d49ac977aec49de4f567db6de621860b8
0e0ba029c39ba25827ef896d560c9078ffa583ee6266eef488c72092a9625ce5
GET /2023/02/shopping-website-in-php-with-source-code.html?m=1 HTTP/1.1
Host: nowdemy.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 05 Nov 2023 02:01:57 GMT
date: Sun, 05 Nov 2023 02:01:57 GMT
cache-control: private, max-age=0
last-modified: Fri, 03 Nov 2023 00:37:38 GMT
etag: W/"e494b59e9d0aadd8ab86505991bf71a30206b7dc71e3fc04bb9e716d5046d28c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 25396
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET nowdemy.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL GET HTTP/3 nowdemy.blogspot.com/js/cookienotice.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint1F:9F:66:61:40:8F:19:DE:30:44:23:EA:EB:6E:C0:FC:6D:58:69:25
ValidityMon, 16 Oct 2023 08:08:16 GMT - Mon, 08 Jan 2024 08:08:15 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: nowdemy.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 21:45:16 GMT
expires: Sat, 11 Nov 2023 21:45:16 GMT
cache-control: public, max-age=604800
last-modified: Fri, 03 Nov 2023 22:41:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 15402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET nowdemy.blogspot.com/responsive/sprite_v1_6.css.svg
200 OK 2.2 kB URL GET HTTP/3 nowdemy.blogspot.com/responsive/sprite_v1_6.css.svg
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint1F:9F:66:61:40:8F:19:DE:30:44:23:EA:EB:6E:C0:FC:6D:58:69:25
ValidityMon, 16 Oct 2023 08:08:16 GMT - Mon, 08 Jan 2024 08:08:15 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7657)
Hash d4dcfc8144f556815c7a1d84ed4e959e
22088bd6cdf970dcf7bfab9a74a4768548ca8890
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: nowdemy.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 21:45:16 GMT
expires: Sat, 11 Nov 2023 21:45:16 GMT
cache-control: public, max-age=604800
last-modified: Sat, 04 Nov 2023 07:54:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 15402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET 2.bp.blogspot.com/-vkooCNOHzKw/WqbQQk7MDtI/AAAAAAAABI4/bRC-UVtU5A0YAWewTLql3H2zUGBhc8uewCLcBGAs/s1600/728-1.jpg
200 OK 54 kB URL GET HTTP/2 2.bp.blogspot.com/-vkooCNOHzKw/WqbQQk7MDtI/AAAAAAAABI4/bRC-UVtU5A0YAWewTLql3H2zUGBhc8uewCLcBGAs/s1600/728-1.jpg
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint1F:9F:66:61:40:8F:19:DE:30:44:23:EA:EB:6E:C0:FC:6D:58:69:25
ValidityMon, 16 Oct 2023 08:08:16 GMT - Mon, 08 Jan 2024 08:08:15 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 728x90, components 3\012- data
Hash aa82a41121aee2f137e1211e837d8c56
f72a46636ccf0dca52da1af5e13babef5f8d4701
ed387533cb0d7338ac67c29c9b766f35ac03f3e755038737fc0d64f894bb1f14
GET /-vkooCNOHzKw/WqbQQk7MDtI/AAAAAAAABI4/bRC-UVtU5A0YAWewTLql3H2zUGBhc8uewCLcBGAs/s1600/728-1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="728-1.jpg"
x-content-type-options: nosniff
server: fife
content-length: 54332
x-xss-protection: 0
date: Sun, 05 Nov 2023 01:10:52 GMT
expires: Mon, 06 Nov 2023 01:10:52 GMT
cache-control: public, max-age=86400, no-transform
age: 3066
etag: "v490"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
200 OK 3.5 kB URL GET HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 158013acb7e269a3dbe18de855656c97
08fa355584fc849539b3f04589ae6f61eb4a7d98
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Nov 2023 02:01:58 GMT
expires: Sun, 05 Nov 2023 02:01:58 GMT
cache-control: public, max-age=0
age: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4243439746803827&host=ca-host-pub-1556223355139109
200 OK 52 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4243439746803827&host=ca-host-pub-1556223355139109
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
File type ASCII text, with very long lines (3968)
Hash 34a577ea61fbc6df7a133265b2542cfd
d0c1144fd3dcb5a9236f753b7f382c5f9212b3e0
31fbe800fa99edf55be4e21e31672a7b6325ebf3347ffbf5d7fa849e829c1044
GET /pagead/js/adsbygoogle.js?client=ca-pub-4243439746803827&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Nov 2023 02:01:58 GMT
expires: Sun, 05 Nov 2023 02:01:58 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16206330867056225599
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51908
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
200 OK 6.8 kB URL GET HTTP/2 www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (2165)
Hash 49aad9405434d8887646881ecda8cf64
59bfe11a22024072043b6fc2562ce01b3d4b7344
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
GET /static/v1/jsbin/4235886812-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Oct 2023 10:25:25 GMT
expires: Tue, 29 Oct 2024 10:25:25 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 29 Oct 2023 11:49:15 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 488193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.blogger.com/static/v1/widgets/3737540651-widgets.js
200 OK 59 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/3737540651-widgets.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (2215)
Hash 4ea44bac705ed408efd4f1c5409f2c26
56d80408130a9d8e21d988323c92eaa58d7849f1
685ee7526028d355549d5bc576073aa927ea34d48a7512b12c077d88a8d24089
GET /static/v1/widgets/3737540651-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 58997
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Oct 2023 02:17:21 GMT
expires: Tue, 29 Oct 2024 02:17:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 01:51:38 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 517477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET resources.blogblog.com/blogblog/data/res/1165756997-rockpool_compiled.js
200 OK 47 kB URL GET HTTP/2 resources.blogblog.com/blogblog/data/res/1165756997-rockpool_compiled.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (1721)
Hash c2585ad665088308402655697f07a5d2
bb4840c21047372899f4b47a34f30135b1b8b300
d68a9d1f2b0fffa2ee799b8e38be3870b029e1d5249d686cc0919a2e64aea530
GET /blogblog/data/res/1165756997-rockpool_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 47419
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 05:14:15 GMT
expires: Tue, 07 Nov 2023 05:14:15 GMT
cache-control: public, max-age=604800
last-modified: Mon, 30 Oct 2023 23:58:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 420463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 09:00:39 GMT
expires: Wed, 30 Oct 2024 09:00:39 GMT
cache-control: public, max-age=31536000
age: 406879
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 09:00:39 GMT
expires: Wed, 30 Oct 2024 09:00:39 GMT
cache-control: public, max-age=31536000
age: 406879
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjWVAewA.woff2
200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjWVAewA.woff2
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 19276, version 1.0\012- data
Hash 4a818665dfa7cfae73a5d4b498eade30
e18cf799e6004f67b9c72a08d8f62728ee2c3b68
42e6b1ed43dd2e3d8daea500ab2175bfe9bb7b049173bf8876e69cf5eb07b538
GET /s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 10:35:03 GMT
expires: Fri, 01 Nov 2024 10:35:03 GMT
cache-control: public, max-age=31536000
age: 228415
last-modified: Thu, 14 Sep 2023 00:51:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 19300, version 1.0\012- data
Hash 03724bc4fe96f498dc2945e967b4e84d
a4d4cacf44c2e6a9bf6b63110bfd4ecf8361b31b
7ff7d3790060dcf14289ea0e50e7df1f00893e53e882ff3101e078b2f948589f
GET /s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 11:17:56 GMT
expires: Sun, 03 Nov 2024 11:17:56 GMT
cache-control: public, max-age=31536000
age: 53042
last-modified: Tue, 21 Feb 2023 21:45:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4243439746803827&plah=nowdemy.blogspot.com&bust=31079355
200 OK 138 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4243439746803827&plah=nowdemy.blogspot.com&bust=31079355
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
File type ASCII text, with very long lines (2107)
Size 138 kB (138244 bytes)
Hash 0bf7c175bc88c193d2e1fa7b6b1fd13f
7ff4fd9b422ec66d92fe23b199a3999a5aa05aa3
1aee228f889bec3b4b47a8e645e2604f0cf6d861bcce3aaab520ea25c25f8c97
GET /pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4243439746803827&plah=nowdemy.blogspot.com&bust=31079355 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Nov 2023 02:01:58 GMT
expires: Sun, 05 Nov 2023 02:01:58 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 13239428393353588289
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 138244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjecteffectivecreativeformat.com
Fingerprint6A:8F:F6:A0:C1:B6:14:AE:5C:CC:1E:DE:42:5D:60:E8:38:7A:B6:42
ValidityThu, 19 Oct 2023 06:30:20 GMT - Wed, 17 Jan 2024 06:30:19 GMT
File type exported SGML document, ASCII text, with very long lines (29616), with no line terminators
Hash 0b5afbecea51befd3b2fce8efa9a14d3
deddecacd3e4e28ed1332c8488dcb507502b0a9c
c70f4dd73905f9730f09d4206fc21030dd7334263fce3b063780b51970c6cc82
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /3ee03f0d1c2940f3daae857204cd9da0/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:01:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ccc24aad7df27355ae735129b9c5a0a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/rum_fy2021.js
200 OK 22 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/rum_fy2021.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
File type ASCII text, with very long lines (3066)
Hash 76e0abc32bcafddfa7e255353e381410
f0dbd80cfa7ad91babb55930db88cefcd99c6c67
cb7ab321f8b695fcb88dbe506087d580b7968fefd8caf1b685db08dbfba0e723
GET /pagead/js/r20231101/r20110914/rum_fy2021.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 21910
x-xss-protection: 0
date: Sat, 04 Nov 2023 21:02:14 GMT
expires: Sat, 18 Nov 2023 21:02:14 GMT
cache-control: public, max-age=1209600
age: 17984
etag: 742759933063840016
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIM9GtxOqyor0cKd0IZ0NWxV6PGVS6URZvFvx8DpN7h3NqCeKuU0TEeTDIf4m3SRhmlNmmSA1Ppv9oMqMpcXkHWIcyUL5PXftISf7TmL7AjGTo5BIB_2KHd770hwHEug/s150/nowdemyFinal.png
200 OK 5.7 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIM9GtxOqyor0cKd0IZ0NWxV6PGVS6URZvFvx8DpN7h3NqCeKuU0TEeTDIf4m3SRhmlNmmSA1Ppv9oMqMpcXkHWIcyUL5PXftISf7TmL7AjGTo5BIB_2KHd770hwHEug/s150/nowdemyFinal.png
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintCB:BB:D8:FC:60:AA:94:8F:47:5C:88:BB:C3:30:22:92:26:D3:85:2F
ValidityMon, 16 Oct 2023 08:09:46 GMT - Mon, 08 Jan 2024 08:09:45 GMT
File type PNG image data, 150 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash f010fe681914d2ac2cacb8a6d15cc79c
71b2446a252837139f01d3790904298a693deb35
c4068f1406adf0b7910b9a80cbcce77803480445ee5d376d3a2303ff264b176e
GET /img/b/R29vZ2xl/AVvXsEgIM9GtxOqyor0cKd0IZ0NWxV6PGVS6URZvFvx8DpN7h3NqCeKuU0TEeTDIf4m3SRhmlNmmSA1Ppv9oMqMpcXkHWIcyUL5PXftISf7TmL7AjGTo5BIB_2KHd770hwHEug/s150/nowdemyFinal.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "va3b"
expires: Mon, 06 Nov 2023 02:01:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="nowdemyFinal.png"
x-content-type-options: nosniff
date: Sun, 05 Nov 2023 02:01:58 GMT
server: fife
content-length: 5652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET partner.googleadservices.com/gampad/cookie.js?domain=nowdemy.blogspot.com&callback=_gfp_s_&client=ca-pub-4243439746803827
200 OK 253 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=nowdemy.blogspot.com&callback=_gfp_s_&client=ca-pub-4243439746803827
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint0C:B4:36:FB:21:D8:B0:4A:B4:9C:34:0A:D5:1D:69:DD:8B:24:91:83
ValidityMon, 16 Oct 2023 08:08:36 GMT - Mon, 08 Jan 2024 08:08:35 GMT
File type ASCII text, with very long lines (391), with no line terminators
Hash b7e5b267376b56b89aac3f3fbd6de192
352fb88279f91a23ee33d993afe0582e9c263817
bfc7fab948435a5ce41ce8583afbad9fd6f9393ad960cdf77d98d1b630074d06
GET /gampad/cookie.js?domain=nowdemy.blogspot.com&callback=_gfp_s_&client=ca-pub-4243439746803827 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Nov 2023 02:01:59 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash fec7cbd8d692ee1251b308b5da0e3551
3633c01f807f03ed7e4b77033e0514fd4a5bdcd5
ad5dc1510a81edd5facd539b5d239ebe7800a3a5a5b5eea56832399235fcb676
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 05 Nov 2023 02:01:59 GMT
Last-Modified: Sun, 05 Nov 2023 00:45:36 GMT
Server: ECAcc (ska/F7AF)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L7SVVhhAzLH9bvyi9XAqVKdbbRHJCXotrv1X5sWyGe_LROa9c-uAiA==
Age: 4583
GET professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 9fb99bc90c49cf65b41d303d7caa9b94
effaddfadefc0b9b085585444bf52a2dc1c0ca49
8552722614f125f3d6c2ac8ae3007c7381e0e383b2224f27ea1e40fad0c85afc
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:01:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nowdemy.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Wed, 02 Nov 2033 02:01:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET www.blogger.com/dyn-css/authorization.css?targetBlogID=7379893993141487491&zx=4897d26c-dda4-42af-93db-c54e743fadb9
200 OK 21 B URL GET HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7379893993141487491&zx=4897d26c-dda4-42af-93db-c54e743fadb9
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=7379893993141487491&zx=4897d26c-dda4-42af-93db-c54e743fadb9 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Nov 2023 02:01:59 GMT
last-modified: Sun, 05 Nov 2023 02:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pl18571541.highrevenuegate.com/1a/e1/bd/1ae1bd4c7751ee171f884f86505662a5.js
200 OK 14 kB URL GET HTTP/1.1 pl18571541.highrevenuegate.com/1a/e1/bd/1ae1bd4c7751ee171f884f86505662a5.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjecthighrevenuegate.com
Fingerprint67:F5:FF:FF:6C:AF:E9:0E:DF:61:91:71:1C:EF:77:3F:A2:E1:8C:D8
ValidityMon, 30 Oct 2023 07:17:57 GMT - Sun, 28 Jan 2024 07:17:56 GMT
File type ASCII text, with very long lines (40548), with no line terminators
Hash 15d98562d252a9b7e05da39881fdd94d
c1a13283a6b2ff547a39e0c4b8551af383d9b53c
0e570cb80ceadb5629eab9b309de39f9cd13f9842b4c80e45c39f76c75d3b609
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /1a/e1/bd/1ae1bd4c7751ee171f884f86505662a5.js HTTP/1.1
Host: pl18571541.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:01:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcb91a97fa60b706944fea203aa40f5c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/embed.js
200 OK 18 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/embed.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (3391)
Hash 00fcd8f19f33cdd43dfbd93f93b1cacf
22652f87a2dbe4da673b3b8957c76f122e803559
84903214c4c40def6908be4fb42fd9f2b01ef82af69eee3ec6c8dbcbdaa6a7e7
GET /s/player/9d15588c/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 17508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 18:22:17 GMT
expires: Sun, 03 Nov 2024 18:22:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 27582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/s/player/9d15588c/www-player.css
200 OK 49 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/www-player.css
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8dc2aaffee01544d7c0dfdc2d7600ce0
1499c1b257ee75da64ef5046d3ac9002ab302cb4
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
GET /s/player/9d15588c/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48897
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 07:28:44 GMT
expires: Thu, 31 Oct 2024 07:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 325995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js
200 OK 98 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (682)
Hash a7c1c62310f68f1a1c6a0b75b5039eec
f0907153b862018c2938c3ce5c7d1faf060903ed
781ca116ffbdbcc5677786946676f2fa8bd27fbb34137972524a4a11cc885a28
GET /s/player/9d15588c/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98339
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 07:28:44 GMT
expires: Thu, 31 Oct 2024 07:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 325995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 23:51:35 GMT
expires: Fri, 01 Nov 2024 23:51:35 GMT
cache-control: public, max-age=31536000
age: 180624
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 22:20:01 GMT
expires: Sat, 02 Nov 2024 22:20:01 GMT
cache-control: public, max-age=31536000
age: 99718
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
FingerprintF8:76:7B:6D:E9:49:0F:FE:3A:DE:54:8B:28:91:35:99:76:99:8E:89
ValiditySun, 29 Oct 2023 07:30:47 GMT - Sat, 27 Jan 2024 07:30:46 GMT
File type exported SGML document, ASCII text, with very long lines (29604), with no line terminators
Hash cd8a5396da1d588b9d4355782a97f512
cc89bb05fc0917ad2adbced0d5d800a965bb65fd
9fb07d626b820031dbca80425194c6f4cb3e1918be982ac3675883a0609ee9e9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /663539eb42566050ce55e91706150bca/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:01:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba8e26d2f1d3c7b7d1666c670095dc4b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/base.js
200 OK 775 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/base.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (555)
Size 775 kB (774756 bytes)
Hash fc1b6b72d00a8f12c728d41730980d5a
6e2c1a91c7802aed7603a0f2bac758d29a9ef30f
ff66acf8eba8a719216c7d21bed3c0e6daef74c80ade61a784a21db4913ad8f4
GET /s/player/9d15588c/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 774756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 18:34:41 GMT
expires: Sun, 03 Nov 2024 18:34:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 26838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 09:00:39 GMT
expires: Wed, 30 Oct 2024 09:00:39 GMT
cache-control: public, max-age=31536000
age: 406880
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjecteffectivecreativeformat.com
Fingerprint6A:8F:F6:A0:C1:B6:14:AE:5C:CC:1E:DE:42:5D:60:E8:38:7A:B6:42
ValidityThu, 19 Oct 2023 06:30:20 GMT - Wed, 17 Jan 2024 06:30:19 GMT
File type exported SGML document, ASCII text, with very long lines (29619), with no line terminators
Hash 1c0069631d8666a69df81f86162bdfd6
a48eeeeb7317b3f5118c8ca219483c7e41feee95
a272a299b8dd37a5052f1f62723c0d1eacd73aac84d6bd0450169f30e3246996
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /3ee03f0d1c2940f3daae857204cd9da0/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:01:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d5ce57e482d8f3ca2adcc7c204acd82
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
FingerprintF8:76:7B:6D:E9:49:0F:FE:3A:DE:54:8B:28:91:35:99:76:99:8E:89
ValiditySun, 29 Oct 2023 07:30:47 GMT - Sat, 27 Jan 2024 07:30:46 GMT
File type exported SGML document, ASCII text, with very long lines (29583), with no line terminators
Hash f26868a41a6ad097e21c7eef3b976cc7
f33a7a9bcd22e3550e3c0849baa01798ae364b2c
7f320c523dafa7676a4b0cd961aae59d08a9ea40465fdbfe835ceed19c047ca8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /663539eb42566050ce55e91706150bca/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:01:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0223df683776f85f4617640fa434b054
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET jollyslendersquare.com/watch.471629525920.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 jollyslendersquare.com/watch.471629525920.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectjollyslendersquare.com
FingerprintD0:E7:F6:BA:EE:17:2E:49:B1:E6:F2:18:F6:11:EB:70:5B:6E:68:71
ValidityWed, 27 Sep 2023 00:55:44 GMT - Tue, 26 Dec 2023 00:55:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.471629525920.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: jollyslendersquare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:01:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://jollyslendersquare.com/watch.471629525920.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=5564850c17d355c47761097c3dbcc5d2f5095f255a704346ded7e93ec0cbf4a7c609305f2d139ab0d3ec39cca4254317bac15a3fd63b43c94c28ee668f76a87b319144e54aad2a631be0b5c9dbe0825252e2a9ce5aa357a11fe08dd6082502&pst=1699149779&rmtc=t
Set-Cookie: u_pl=18445737; expires=Mon, 06 Nov 2023 02:01:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0; expires=Sun, 05 Nov 2023 02:02:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edcbdeec1e9c99643340afb8af158d5f
Strict-Transport-Security: max-age=0; includeSubdomains
GET www.youtube.com/embed/xys3h4TNXj0
200 OK 51 kB URL GET HTTP/3 www.youtube.com/embed/xys3h4TNXj0
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58198)
Hash e0dce206df06ee3143ab815f37088eaa
4e5f33cfcfefbf0e2ff36075f86091afce5678fb
80907111594793af3aca722d1e76d4cf8ab3bfed891fe72f6142e9b1c37f8ad4
GET /embed/xys3h4TNXj0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Nov 2023 02:01:59 GMT
strict-transport-security: max-age=31536000
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=L0jTVMueh-8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Jax4rRbPT94; Domain=.youtube.com; Expires=Fri, 03-May-2024 02:01:59 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxICEgA%3D; Domain=.youtube.com; Expires=Fri, 03-May-2024 02:01:59 GMT; Path=/; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+518; expires=Tue, 04-Nov-2025 02:01:59 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET flipendangered.com/watch.1370209808995.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 flipendangered.com/watch.1370209808995.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectflipendangered.com
Fingerprint1B:C5:01:23:F0:A2:C1:D7:33:10:D3:7F:C0:5F:15:A2:65:22:94:D9
ValidityTue, 10 Oct 2023 08:22:46 GMT - Mon, 08 Jan 2024 08:22:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1370209808995.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: flipendangered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:01:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://flipendangered.com/watch.1370209808995.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=6780c02bfe13a6cee52281f97c523f429f8476a89516850738fc07a02981e8333ea8d2731de50f805130086af75ccda0b57c019f3f1c85f3659465324e1d62a7993ec43810da4b1357a08bd38afad783c47b40885c37553f9b12c60320404e4d56&pst=1699149779&rmtc=t
Set-Cookie: u_pl=19286784; expires=Mon, 06 Nov 2023 02:01:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU; expires=Sun, 05 Nov 2023 02:02:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8eab2a61685e84561f8aa0b75561848
Strict-Transport-Security: max-age=0; includeSubdomains
GET jollyslendersquare.com/watch.471629525920.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=5564850c17d355c47761097c3dbcc5d2f5095f255a704346ded7e93ec0cbf4a7c609305f2d139ab0d3ec39cca4254317bac15a3fd63b43c94c28ee668f76a87b319144e54aad2a631be0b5c9dbe0825252e2a9ce5aa357a11fe08dd6082502&pst=1699149779&rmtc=t
200 OK 2.1 kB URL GET HTTP/1.1 jollyslendersquare.com/watch.471629525920.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=5564850c17d355c47761097c3dbcc5d2f5095f255a704346ded7e93ec0cbf4a7c609305f2d139ab0d3ec39cca4254317bac15a3fd63b43c94c28ee668f76a87b319144e54aad2a631be0b5c9dbe0825252e2a9ce5aa357a11fe08dd6082502&pst=1699149779&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectjollyslendersquare.com
FingerprintD0:E7:F6:BA:EE:17:2E:49:B1:E6:F2:18:F6:11:EB:70:5B:6E:68:71
ValidityWed, 27 Sep 2023 00:55:44 GMT - Tue, 26 Dec 2023 00:55:43 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2649)
Hash d4e8e31cc71af059bb7602928f994b56
526bfeca39aa4b2e630868cb6751424ab3356076
e97efe6d43d4ca3fd4365d9935d0a03590e95f5b80d15bad8e5cc1c7cb0bb540
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.471629525920.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=5564850c17d355c47761097c3dbcc5d2f5095f255a704346ded7e93ec0cbf4a7c609305f2d139ab0d3ec39cca4254317bac15a3fd63b43c94c28ee668f76a87b319144e54aad2a631be0b5c9dbe0825252e2a9ce5aa357a11fe08dd6082502&pst=1699149779&rmtc=t HTTP/1.1
Host: jollyslendersquare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18445737; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:01:59 GMT; secure; SameSite=None
iprc101d2c942d8eede5145ab5810aee62f0=3569808; expires=Sun, 05 Nov 2023 06:02:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 099d7c44c7cf76abce113cf9120fec4f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
FingerprintF8:76:7B:6D:E9:49:0F:FE:3A:DE:54:8B:28:91:35:99:76:99:8E:89
ValiditySun, 29 Oct 2023 07:30:47 GMT - Sat, 27 Jan 2024 07:30:46 GMT
File type exported SGML document, ASCII text, with very long lines (29598), with no line terminators
Hash f8d837d26629861aa1e70dfde75d7877
163bc098a3f7374c8f3e3899604b201d81933592
0dd0ed40adeee6071cd2b4ea61b966add6474f63f0fc8de671386892bc81da33
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /663539eb42566050ce55e91706150bca/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 829caf7f467324924d2671555d920c71
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET flipendangered.com/watch.1370209808995.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=6780c02bfe13a6cee52281f97c523f429f8476a89516850738fc07a02981e8333ea8d2731de50f805130086af75ccda0b57c019f3f1c85f3659465324e1d62a7993ec43810da4b1357a08bd38afad783c47b40885c37553f9b12c60320404e4d56&pst=1699149779&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 flipendangered.com/watch.1370209808995.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=6780c02bfe13a6cee52281f97c523f429f8476a89516850738fc07a02981e8333ea8d2731de50f805130086af75ccda0b57c019f3f1c85f3659465324e1d62a7993ec43810da4b1357a08bd38afad783c47b40885c37553f9b12c60320404e4d56&pst=1699149779&rmtc=t
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectflipendangered.com
Fingerprint1B:C5:01:23:F0:A2:C1:D7:33:10:D3:7F:C0:5F:15:A2:65:22:94:D9
ValidityTue, 10 Oct 2023 08:22:46 GMT - Mon, 08 Jan 2024 08:22:45 GMT
File type HTML document, ASCII text, with very long lines (2524)
Hash 674b57aef5daa9357e094d4c72ce4cd5
b561b38d32943d5b3cbe04f01710c93b0528d4be
c896efbf9a84338fa3d32fdd7170ca69c58161e5d86b6d1f84ba4354a6d7f021
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1370209808995.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=6780c02bfe13a6cee52281f97c523f429f8476a89516850738fc07a02981e8333ea8d2731de50f805130086af75ccda0b57c019f3f1c85f3659465324e1d62a7993ec43810da4b1357a08bd38afad783c47b40885c37553f9b12c60320404e4d56&pst=1699149779&rmtc=t HTTP/1.1
Host: flipendangered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19286784; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
pdhtkv26=true; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
uncs26=1; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2411cfe5f43144c9c48c0dcd64815c3f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET disgracefulforeword.com/watch.476067565901.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 disgracefulforeword.com/watch.476067565901.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectdisgracefulforeword.com
FingerprintD1:31:71:E2:9E:86:02:4F:BF:58:36:33:3A:9E:F4:1C:3A:03:5C:85
ValidityWed, 27 Sep 2023 00:38:02 GMT - Tue, 26 Dec 2023 00:38:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.476067565901.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: disgracefulforeword.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://disgracefulforeword.com/watch.476067565901.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=4940a415655058c26863b5157fefc23fb8d02a5a0621ad3cdb88adc671cf1484d263bc84d0ad572100befbf73e722be2c4c4fe39e9f3b6766fa20bd5d3cbce88661706be235518fec0a312ea495531d602d04ef714b5722e3b537eb27bb6b19f67&pst=1699149780&rmtc=t
Set-Cookie: u_pl=18445737; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0; expires=Sun, 05 Nov 2023 02:03:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7380f1b35d8430c7e05a5c575102dc2
Strict-Transport-Security: max-age=0; includeSubdomains
GET www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjecteffectivecreativeformat.com
Fingerprint6A:8F:F6:A0:C1:B6:14:AE:5C:CC:1E:DE:42:5D:60:E8:38:7A:B6:42
ValidityThu, 19 Oct 2023 06:30:20 GMT - Wed, 17 Jan 2024 06:30:19 GMT
File type exported SGML document, ASCII text, with very long lines (29625), with no line terminators
Hash 902208734d158444d8602125343e2c0c
7ed08a244a782361f87e2f5ee502c68f49165415
875b7f455c05d8f5411f0556758a844a250aadca63bc8badf16937e6c2df85f7
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /3ee03f0d1c2940f3daae857204cd9da0/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a4fec7d7cf229ee3e0534ebfc69d153
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET disgracefulforeword.com/watch.476067565901.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=4940a415655058c26863b5157fefc23fb8d02a5a0621ad3cdb88adc671cf1484d263bc84d0ad572100befbf73e722be2c4c4fe39e9f3b6766fa20bd5d3cbce88661706be235518fec0a312ea495531d602d04ef714b5722e3b537eb27bb6b19f67&pst=1699149780&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 disgracefulforeword.com/watch.476067565901.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=4940a415655058c26863b5157fefc23fb8d02a5a0621ad3cdb88adc671cf1484d263bc84d0ad572100befbf73e722be2c4c4fe39e9f3b6766fa20bd5d3cbce88661706be235518fec0a312ea495531d602d04ef714b5722e3b537eb27bb6b19f67&pst=1699149780&rmtc=t
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectdisgracefulforeword.com
FingerprintD1:31:71:E2:9E:86:02:4F:BF:58:36:33:3A:9E:F4:1C:3A:03:5C:85
ValidityWed, 27 Sep 2023 00:38:02 GMT - Tue, 26 Dec 2023 00:38:01 GMT
File type HTML document, ASCII text, with very long lines (2483)
Hash b3b72899edc6c489e00e2ea3991a03be
068e8d6fa7c8a14813f995bbd9257be083847b47
f5b12be99235e4cf787e41620d4318c6a7cfdd13052f11c9a976cb34601a6edc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.476067565901.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=4940a415655058c26863b5157fefc23fb8d02a5a0621ad3cdb88adc671cf1484d263bc84d0ad572100befbf73e722be2c4c4fe39e9f3b6766fa20bd5d3cbce88661706be235518fec0a312ea495531d602d04ef714b5722e3b537eb27bb6b19f67&pst=1699149780&rmtc=t HTTP/1.1
Host: disgracefulforeword.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18445737; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c5ed29c577539c1b0f98efc83f3de8c1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
200 OK 106 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105910 bytes)
Hash a36b92bb68d9b579458560ba9b94862a
782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:00 GMT
content-type: image/png
content-length: 105910
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Tue, 07 Nov 2023 02:02:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.cloudimagesb.com/cti/ef/e7/2c/efe72c123e30559522d7bc0c3e0c7e80/1663334578.png
200 OK 43 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/ef/e7/2c/efe72c123e30559522d7bc0c3e0c7e80/1663334578.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 160 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 469a70181549a937844e8cb7be2ad6d7
f3d6aad51d76c1a25b03d2b765d1b53c4fc27a35
c8bf9f4cba383ef35ebfadbae98dc7f7f57d092b154a5590f02677c388e447eb
GET /cti/ef/e7/2c/efe72c123e30559522d7bc0c3e0c7e80/1663334578.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:00 GMT
content-type: image/png
content-length: 43113
server: nginx/1.21.6
last-modified: Fri, 16 Sep 2022 13:23:06 GMT
etag: "632478ba-a869"
expires: Tue, 07 Nov 2023 02:02:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/remote.js
200 OK 34 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/remote.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (537)
Hash f402c83698e962790e687760233c98ac
7b4ea70005245292f4e1c36e896c3320a662e6c6
6840401b7255512c5b9900409a9644d4e9b3cec94134f2154c1b93f80dc7bbc0
GET /s/player/9d15588c/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 07:28:46 GMT
expires: Thu, 31 Oct 2024 07:28:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 325994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.profitabledisplaynetwork.com/663539eb42566050ce55e91706150bca/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
FingerprintF8:76:7B:6D:E9:49:0F:FE:3A:DE:54:8B:28:91:35:99:76:99:8E:89
ValiditySun, 29 Oct 2023 07:30:47 GMT - Sat, 27 Jan 2024 07:30:46 GMT
File type exported SGML document, ASCII text, with very long lines (29646), with no line terminators
Hash 2a0029f68e5a71aa6c43287c0f48be25
f1492a94ac7633d30cfd6d61e884745bfc2bef13
c16e47aedeb391635217d8b780ff4f33a87837e1170bff5ef376eaa780677fb8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /663539eb42566050ce55e91706150bca/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b07c72db3cacb4786372630de423379
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
POST jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 05 Nov 2023 02:02:00 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdn.cloudimagesb.com/cti/36/90/13/369013892c357d415d1ad7748ed75879/1627917230.png
200 OK 62 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/36/90/13/369013892c357d415d1ad7748ed75879/1627917230.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash aab722bc84ce26456c71f76bf135d39d
931d9bda71c71ca06e3774c1d67d9842b2c2dc7e
47f5ef20379af39109b365fa5700137a998dd749ca0ea5faf3e82b94be508c59
GET /cti/36/90/13/369013892c357d415d1ad7748ed75879/1627917230.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:00 GMT
content-type: image/png
content-length: 61633
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:13:57 GMT
etag: "61080bb5-f0c1"
expires: Tue, 07 Nov 2023 02:02:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.youtube.com/s/player/9d15588c/www-player.css
200 OK 49 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/www-player.css
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8dc2aaffee01544d7c0dfdc2d7600ce0
1499c1b257ee75da64ef5046d3ac9002ab302cb4
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
GET /s/player/9d15588c/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48897
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 07:28:44 GMT
expires: Thu, 31 Oct 2024 07:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 325996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/embed.js
200 OK 18 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/embed.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (3391)
Hash 00fcd8f19f33cdd43dfbd93f93b1cacf
22652f87a2dbe4da673b3b8957c76f122e803559
84903214c4c40def6908be4fb42fd9f2b01ef82af69eee3ec6c8dbcbdaa6a7e7
GET /s/player/9d15588c/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 17508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 18:22:17 GMT
expires: Sun, 03 Nov 2024 18:22:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 27583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js
200 OK 98 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (682)
Hash a7c1c62310f68f1a1c6a0b75b5039eec
f0907153b862018c2938c3ce5c7d1faf060903ed
781ca116ffbdbcc5677786946676f2fa8bd27fbb34137972524a4a11cc885a28
GET /s/player/9d15588c/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98339
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 07:28:44 GMT
expires: Thu, 31 Oct 2024 07:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 325996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET gapcask.com/watch.160617571057.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 gapcask.com/watch.160617571057.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectgapcask.com
FingerprintB6:E3:8B:27:5A:DD:FA:64:4E:07:E7:02:30:BD:9E:0B:B3:92:2D:65
ValidityTue, 10 Oct 2023 08:31:48 GMT - Mon, 08 Jan 2024 08:31:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.160617571057.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: gapcask.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://gapcask.com/watch.160617571057.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=cd821f4188240bb19e24b52fa797929cf3a72e1e10735e270cc736724ae80786c13a319328653263473ece999ed5414dd9f0073c837b1ac70148381ef777168b3127dbe0a8035ba81fe0fb6fc091cf17c689db689aded96072c99ada09f9d69a&pst=1699149780&rmtc=t
Set-Cookie: u_pl=19286784; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU; expires=Sun, 05 Nov 2023 02:03:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ecb13ab3bc7bd6b0eaf8f8e3e24b5052
Strict-Transport-Security: max-age=0; includeSubdomains
POST jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 32 kB URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0c4c7402c46e767c3e874a0c1ecdf802
2ca5937f74ca8d8594dea964f8682924c14b124d
cd4bf35b6a9b2fedcea8a5a98d4b8ecf5717424157975fb62c982a1f6c5e7269
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 05 Nov 2023 02:02:00 GMT
server: ESF
cache-control: private
content-length: 32158
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 22:20:01 GMT
expires: Sat, 02 Nov 2024 22:20:01 GMT
cache-control: public, max-age=31536000
age: 99719
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET judicialfizzysoftball.com/watch.871323171992.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 judicialfizzysoftball.com/watch.871323171992.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectjudicialfizzysoftball.com
FingerprintD8:F0:4C:41:5E:B8:53:DD:A9:DB:D0:B2:04:96:96:5B:BC:91:D2:91
ValidityWed, 27 Sep 2023 00:34:23 GMT - Tue, 26 Dec 2023 00:34:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.871323171992.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: judicialfizzysoftball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://judicialfizzysoftball.com/watch.871323171992.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=57e8137adcb8b22a2d70b0733eb91afb7ab7659a88de9f8a1edaa4bd1850c3af0329e4ec08501fd8420ad882bf7c44fb31a2e7b1cf847b56b27f70a9445c678ed9fdcbe3592d3acb11f7e06c3288decbe416ccb15a1588700181961143628c&pst=1699149780&rmtc=t
Set-Cookie: u_pl=18445737; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0; expires=Sun, 05 Nov 2023 02:03:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c954560fb2fdbd001c578a7260672cc
Strict-Transport-Security: max-age=0; includeSubdomains
GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 23:51:35 GMT
expires: Fri, 01 Nov 2024 23:51:35 GMT
cache-control: public, max-age=31536000
age: 180625
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET yt3.ggpht.com/T72tLoUPeJG1eVXs9R1GL0SCF_oFdN8S7qK5S_5gT8EHCq0toFFuu0KRD6Cqp3CqjsaW1fuK=s68-c-k-c0x00ffffff-no-rj
200 OK 3.0 kB URL GET HTTP/3 yt3.ggpht.com/T72tLoUPeJG1eVXs9R1GL0SCF_oFdN8S7qK5S_5gT8EHCq0toFFuu0KRD6Cqp3CqjsaW1fuK=s68-c-k-c0x00ffffff-no-rj
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintCB:BB:D8:FC:60:AA:94:8F:47:5C:88:BB:C3:30:22:92:26:D3:85:2F
ValidityMon, 16 Oct 2023 08:09:46 GMT - Mon, 08 Jan 2024 08:09:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 86aaedb8c17bf2d65ac4d73c5a16c668
da83357037b0fd97d6346a4050b7a17494a66b15
cb36c204911a1478c4695a38ad626ad9e5e7b2a382e2f6ea83e07ac988590a8a
GET /T72tLoUPeJG1eVXs9R1GL0SCF_oFdN8S7qK5S_5gT8EHCq0toFFuu0KRD6Cqp3CqjsaW1fuK=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3009
x-xss-protection: 0
date: Sun, 05 Nov 2023 02:02:00 GMT
expires: Mon, 06 Nov 2023 02:02:00 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET strawguineaequanimity.com/watch.332510591198.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 strawguineaequanimity.com/watch.332510591198.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectstrawguineaequanimity.com
Fingerprint04:72:5E:60:70:6A:8F:28:23:F1:D1:66:E2:DD:C3:1D:14:97:8F:7E
ValidityTue, 10 Oct 2023 08:22:10 GMT - Mon, 08 Jan 2024 08:22:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.332510591198.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: strawguineaequanimity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://strawguineaequanimity.com/watch.332510591198.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=c1bc529d35659ead063f2c63310f0835de237905671d0a9a10d629bb8d904d64446a46da63eb94b1953bb365b43d90a392f218e127a7c8c47a6fea27acc353aa5d7e9f7228564aea90ebe22f9c3e569dc51b4a&pst=1699149780&rmtc=t
Set-Cookie: u_pl=18445737; expires=Mon, 06 Nov 2023 02:02:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0; expires=Sun, 05 Nov 2023 02:03:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13309dddc43211ac1395f4fd13bbde1a
Strict-Transport-Security: max-age=0; includeSubdomains
GET i.ytimg.com/vi/xys3h4TNXj0/sddefault.jpg
200 OK 55 kB URL GET HTTP/3 i.ytimg.com/vi/xys3h4TNXj0/sddefault.jpg
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint30:FC:ED:56:9F:85:39:F1:1B:87:3B:5E:09:20:49:BB:39:CC:EA:8D
ValidityMon, 16 Oct 2023 08:02:25 GMT - Mon, 08 Jan 2024 08:02:24 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash a4a5c1f610a82fca52e9fae4ed96d1d7
f6e79bcc88ea56915d8a13b0dce350bf907cc9d3
9bfecc0d4d68eea01a1e1e23c697fd97100d6350acc9fc3f4f2421b49d6955c7
GET /vi/xys3h4TNXj0/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 54567
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Nov 2023 02:02:00 GMT
expires: Sun, 05 Nov 2023 04:02:00 GMT
cache-control: public, max-age=7200
etag: "1676062106"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.google.com/js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js
200 OK 15 kB URL GET HTTP/2 www.google.com/js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF5:CC:DA:B5:BA:1E:14:14:44:CC:27:90:92:CC:60:1F:5F:08:AF:77
ValidityMon, 16 Oct 2023 08:10:46 GMT - Mon, 08 Jan 2024 08:10:45 GMT
File type ASCII text, with very long lines (37437)
Hash 0bfd0633b594a297f64458c7cb52b02f
5a68334d38407197650d74e9d6cfea5c6b3aa441
41c0002c3d1f2327a3af0770e386d06534a5d12fed7f1a48c23c359a7511ea22
GET /js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14673
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 00:35:27 GMT
expires: Sun, 03 Nov 2024 00:35:27 GMT
cache-control: public, max-age=31536000
age: 91593
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
200 OK 11 kB URL GET HTTP/1.1 www.effectivecreativeformat.com/3ee03f0d1c2940f3daae857204cd9da0/invoke.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjecteffectivecreativeformat.com
Fingerprint6A:8F:F6:A0:C1:B6:14:AE:5C:CC:1E:DE:42:5D:60:E8:38:7A:B6:42
ValidityThu, 19 Oct 2023 06:30:20 GMT - Wed, 17 Jan 2024 06:30:19 GMT
File type exported SGML document, ASCII text, with very long lines (29592), with no line terminators
Hash 22203ba9d173f6f9c4b0dab06835638d
fc4d729e073122bb1679fa47e80364cd6bcd3f26
563d330e94e2685003bac7985c09afb0d34a214a43611e2268cdbf68d28bd038
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /3ee03f0d1c2940f3daae857204cd9da0/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c15f71ebf65f24562b9d1489ba57d611
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET nullsglitter.com/watch.618102413893.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 nullsglitter.com/watch.618102413893.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectnullsglitter.com
FingerprintD0:9E:53:33:23:F8:3F:A4:F3:66:68:50:0A:38:5A:12:9A:1D:DB:77
ValidityMon, 25 Sep 2023 09:03:18 GMT - Sun, 24 Dec 2023 09:03:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.618102413893.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: nullsglitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://nullsglitter.com/watch.618102413893.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=db0b2fa4a8f72cbb28014ae64e66f4fbe6dcf9acd0576a7262261bfaf9a5ba1a72ebd73193fc6952ba68357822a59ca1a083d35905aa343e04e7dc8142d038d6c638711417ae821e659de67d3b111238cbf1f60fede78597fd620e683c09f9&pst=1699149781&rmtc=t
Set-Cookie: u_pl=19286784; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU; expires=Sun, 05 Nov 2023 02:03:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eca47ed532a04efadd73f05002c5d792
Strict-Transport-Security: max-age=0; includeSubdomains
GET gapcask.com/watch.160617571057.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=cd821f4188240bb19e24b52fa797929cf3a72e1e10735e270cc736724ae80786c13a319328653263473ece999ed5414dd9f0073c837b1ac70148381ef777168b3127dbe0a8035ba81fe0fb6fc091cf17c689db689aded96072c99ada09f9d69a&pst=1699149780&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 gapcask.com/watch.160617571057.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=cd821f4188240bb19e24b52fa797929cf3a72e1e10735e270cc736724ae80786c13a319328653263473ece999ed5414dd9f0073c837b1ac70148381ef777168b3127dbe0a8035ba81fe0fb6fc091cf17c689db689aded96072c99ada09f9d69a&pst=1699149780&rmtc=t
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectgapcask.com
FingerprintB6:E3:8B:27:5A:DD:FA:64:4E:07:E7:02:30:BD:9E:0B:B3:92:2D:65
ValidityTue, 10 Oct 2023 08:31:48 GMT - Mon, 08 Jan 2024 08:31:47 GMT
File type HTML document, ASCII text, with very long lines (2487)
Hash fe831e260d08fdd258d2c0b17794fb4e
84793576cf082587b70e6a77e24ae5e9d70d0de6
fdef3a16ecf671f91afe1a1c2dd13648e520ccf355734bae8098adfaa5a93d57
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.160617571057.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=cd821f4188240bb19e24b52fa797929cf3a72e1e10735e270cc736724ae80786c13a319328653263473ece999ed5414dd9f0073c837b1ac70148381ef777168b3127dbe0a8035ba81fe0fb6fc091cf17c689db689aded96072c99ada09f9d69a&pst=1699149780&rmtc=t HTTP/1.1
Host: gapcask.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19286784; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv26=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs26=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86c9c5a4866c888a2d6785d1ef4d74e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET strawguineaequanimity.com/watch.332510591198.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=c1bc529d35659ead063f2c63310f0835de237905671d0a9a10d629bb8d904d64446a46da63eb94b1953bb365b43d90a392f218e127a7c8c47a6fea27acc353aa5d7e9f7228564aea90ebe22f9c3e569dc51b4a&pst=1699149780&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 strawguineaequanimity.com/watch.332510591198.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=c1bc529d35659ead063f2c63310f0835de237905671d0a9a10d629bb8d904d64446a46da63eb94b1953bb365b43d90a392f218e127a7c8c47a6fea27acc353aa5d7e9f7228564aea90ebe22f9c3e569dc51b4a&pst=1699149780&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectstrawguineaequanimity.com
Fingerprint04:72:5E:60:70:6A:8F:28:23:F1:D1:66:E2:DD:C3:1D:14:97:8F:7E
ValidityTue, 10 Oct 2023 08:22:10 GMT - Mon, 08 Jan 2024 08:22:09 GMT
File type HTML document, ASCII text, with very long lines (2455)
Hash c27d9eb946ddf08d4a2006a3342834a9
7306aecd1bf06d0b8d3da80c686210066d3f5c1a
8184cea7be19ea76cc03865e8a7c6bac623d44998e0437f6e8fd3ef5755c5922
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.332510591198.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=c1bc529d35659ead063f2c63310f0835de237905671d0a9a10d629bb8d904d64446a46da63eb94b1953bb365b43d90a392f218e127a7c8c47a6fea27acc353aa5d7e9f7228564aea90ebe22f9c3e569dc51b4a&pst=1699149780&rmtc=t HTTP/1.1
Host: strawguineaequanimity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18445737; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a726ad3bec1b636031711b1b320976d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET judicialfizzysoftball.com/watch.871323171992.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=57e8137adcb8b22a2d70b0733eb91afb7ab7659a88de9f8a1edaa4bd1850c3af0329e4ec08501fd8420ad882bf7c44fb31a2e7b1cf847b56b27f70a9445c678ed9fdcbe3592d3acb11f7e06c3288decbe416ccb15a1588700181961143628c&pst=1699149780&rmtc=t
200 OK 2.1 kB URL GET HTTP/1.1 judicialfizzysoftball.com/watch.871323171992.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=57e8137adcb8b22a2d70b0733eb91afb7ab7659a88de9f8a1edaa4bd1850c3af0329e4ec08501fd8420ad882bf7c44fb31a2e7b1cf847b56b27f70a9445c678ed9fdcbe3592d3acb11f7e06c3288decbe416ccb15a1588700181961143628c&pst=1699149780&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectjudicialfizzysoftball.com
FingerprintD8:F0:4C:41:5E:B8:53:DD:A9:DB:D0:B2:04:96:96:5B:BC:91:D2:91
ValidityWed, 27 Sep 2023 00:34:23 GMT - Tue, 26 Dec 2023 00:34:22 GMT
File type HTML document, ASCII text, with very long lines (2598)
Hash bcf6276728bab0c97e3c9c82fcaaddef
5ebbfbee1e00096e91118a179fc01c14a573ad6f
02486addba94631fdf9ff078c4b09cfe1c62e82dca6b70839d9f75271ab1e2a3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.871323171992.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=57e8137adcb8b22a2d70b0733eb91afb7ab7659a88de9f8a1edaa4bd1850c3af0329e4ec08501fd8420ad882bf7c44fb31a2e7b1cf847b56b27f70a9445c678ed9fdcbe3592d3acb11f7e06c3288decbe416ccb15a1588700181961143628c&pst=1699149780&rmtc=t HTTP/1.1
Host: judicialfizzysoftball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18445737; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4f71113588686d59cd00b21a7ae0d02
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
OPTIONS jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL OPTIONS HTTP/3 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL OPTIONS HTTP/3 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 082c2936e9674bac3bfa24e538f80209
6188b09dcdfd0635c72b38ccc6dff2fba712932a
00b55bd84e40916097adbe36a3774569a4df174b96d86da0c2fa871cc18d5e29
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1279
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 05 Nov 2023 02:02:01 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET lh3.googleusercontent.com/blogger_img_proxy/ALY8t1vuflEeoujCjrY5G6_jvoTK5ekkxMzAEc6eGT5qXR9i-iHnzE-WbCkhuyVSw5w09N1Q_rYN7iwm7vbilCpQb6b3G1i2nqSgh33mTSA8DgODYA6Tbg=w256-h256-n-k-no-nu
200 OK 21 kB URL GET HTTP/3 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1vuflEeoujCjrY5G6_jvoTK5ekkxMzAEc6eGT5qXR9i-iHnzE-WbCkhuyVSw5w09N1Q_rYN7iwm7vbilCpQb6b3G1i2nqSgh33mTSA8DgODYA6Tbg=w256-h256-n-k-no-nu
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintCB:BB:D8:FC:60:AA:94:8F:47:5C:88:BB:C3:30:22:92:26:D3:85:2F
ValidityMon, 16 Oct 2023 08:09:46 GMT - Mon, 08 Jan 2024 08:09:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 350899ea62a1e7cf6f2ef0a792db3cab
597d4d02f9e649569e31d412bfc690e800376ac5
9b40c5a811a7c35b14ed0bad8de0c7c7843375d41cb71750b82cdb509e697bcb
GET /blogger_img_proxy/ALY8t1vuflEeoujCjrY5G6_jvoTK5ekkxMzAEc6eGT5qXR9i-iHnzE-WbCkhuyVSw5w09N1Q_rYN7iwm7vbilCpQb6b3G1i2nqSgh33mTSA8DgODYA6Tbg=w256-h256-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Mon, 06 Nov 2023 02:02:01 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sun, 05 Nov 2023 02:02:01 GMT
server: fife
content-length: 20790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/base.js
200 OK 503 B URL GET HTTP/3 www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/base.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
Hash dbe7bbcab2fc4b3f3596ae035425d965
a474efa58dc16638c4d92dd34039aa04079d19ef
08e37a284c548d284395548df62b2d3f02312c81c4768ce05b13f7b3ac29a9d7
GET /s/player/9d15588c/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 774756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 18:34:41 GMT
expires: Sun, 03 Nov 2024 18:34:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 26839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET friendshipmale.com/sfp.js
200 OK 53 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 2d0450888479d4ddda305bd96206b240
5b4595aab1cd3f854718e05db9be0c65a12ab2f6
44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bbf57e2da33891bf35f9bd7e13f88230
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 Nov 2023 02:02:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fq6Ke58nXkUe3bdJsKhp0pI1eK6zEWLxLKYk4J8LyCAhzkrr%2BmCAX7jJQL3THeJr2RGDQuJrqURwCtHS9pVwsHLi2QHSu18%2FajuS%2BTd0kIwIzYZX%2BO6xUL2BeDBZCzMZL5Uw0OA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8211831daa984173-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.blogger.com/img/blogger_logo_round_35.png
200 OK 2.5 kB URL GET HTTP/3 www.blogger.com/img/blogger_logo_round_35.png
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2531
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 05:14:10 GMT
expires: Tue, 07 Nov 2023 05:14:10 GMT
cache-control: public, max-age=604800
last-modified: Mon, 30 Oct 2023 12:55:13 GMT
content-type: image/png
age: 420471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.blogblog.com/indie/mspin_black_large.svg
200 OK 870 B URL GET HTTP/3 www.blogblog.com/indie/mspin_black_large.svg
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6453)
Hash 98e0e5b23b2beab22f8278e26b349129
1414f65ab732f08c8efb82ac4b724df3502532f2
1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf
GET /indie/mspin_black_large.svg HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 870
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 03:55:11 GMT
expires: Fri, 10 Nov 2023 03:55:11 GMT
cache-control: public, max-age=604800
last-modified: Thu, 02 Nov 2023 03:56:02 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 166010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET conductoraspirinmetropolitan.com/watch.1088316585990.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 conductoraspirinmetropolitan.com/watch.1088316585990.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectconductoraspirinmetropolitan.com
Fingerprint9A:D1:7B:30:FD:B5:D3:97:DC:49:27:5C:20:80:26:BA:F5:61:C3:2B
ValidityTue, 10 Oct 2023 08:28:24 GMT - Mon, 08 Jan 2024 08:28:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1088316585990.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: conductoraspirinmetropolitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://conductoraspirinmetropolitan.com/watch.1088316585990.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=21fcaa4e4f2afd2f39aa6dcb0be2cb08e595834a2730dabd88fa2d6f0c1031d9a65782c31a17f656268ebeae7a054bec202efd3cc703f392531db9c30db993f5a14a41583a11fe4653d0285cc65c84e0475bee918ae14afaf24a7ecc9a2310&pst=1699149781&rmtc=t
Set-Cookie: u_pl=19286784; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU; expires=Sun, 05 Nov 2023 02:03:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ecf4a256e6d2823967a1d2456e71f41
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.cloudimagesb.com/cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png
200 OK 33 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 160 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash fb8a0af2c78607cf4c540a8be54248ef
795083ee49378071a4a04505ac40dfb4134acd74
1ad52c531815350c0f4411825fde5553748dd6b14bbc73752c939f6eba73c029
GET /cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: image/png
content-length: 33090
server: nginx/1.21.6
last-modified: Fri, 16 Sep 2022 13:23:30 GMT
etag: "632478d2-8142"
expires: Tue, 07 Nov 2023 02:02:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
200 OK 65 kB URL GET HTTP/3 www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type gzip compressed data, max compression\012- data
Hash f960dae5249319f66125e12cb0f3317c
4e6580c56802ee2235313667847a878d41911f68
13bf47cab3bab4ffe99d6fb78ca0c74e9e1a52385f3e8f0f343efc3abffdd1a2
GET /comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Nov 2023 02:02:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-dxg1hPG5vJouOMW2sfSKxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
cross-origin-resource-policy: same-site
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=kXJvNLI-V3U-YmxGQSTpmIJiPtBF4H8QW_Xlpc_3Q3zVlV9_Ij1iPlbv-zGVVFjv_n-OpLTgLK3eWulgZLsEn232cuksC03u18Q84QMh3ufrN937bowozV-jeBqerApZg7huITnX37hor_zgijFw3sC4lCtn7O_Ka4-zB2cq7ds; expires=Mon, 06-May-2024 02:02:01 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.cloudimagesb.com/bi/1b/f7/77/1bf7774bc7c1213644bcfb02c333dd15/1695212689.jpg
200 OK 63 kB URL GET HTTP/2 cdn.cloudimagesb.com/bi/1b/f7/77/1bf7774bc7c1213644bcfb02c333dd15/1695212689.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2], baseline, precision 8, 728x90, components 3\012- data
Hash fc82a8ff45fd0f6275f4025e29b20d0c
7163828f5e84271fa1d6f160e12502725618de3c
27329f59dae780b5e3ccb4ae4db57b363eed66874d9db72543262e0eb9279e97
GET /bi/1b/f7/77/1bf7774bc7c1213644bcfb02c333dd15/1695212689.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: image/jpeg
content-length: 63002
server: nginx/1.21.6
last-modified: Wed, 20 Sep 2023 12:24:58 GMT
etag: "650ae49a-f61a"
expires: Tue, 07 Nov 2023 02:02:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET nullsglitter.com/watch.618102413893.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=db0b2fa4a8f72cbb28014ae64e66f4fbe6dcf9acd0576a7262261bfaf9a5ba1a72ebd73193fc6952ba68357822a59ca1a083d35905aa343e04e7dc8142d038d6c638711417ae821e659de67d3b111238cbf1f60fede78597fd620e683c09f9&pst=1699149781&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 nullsglitter.com/watch.618102413893.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=db0b2fa4a8f72cbb28014ae64e66f4fbe6dcf9acd0576a7262261bfaf9a5ba1a72ebd73193fc6952ba68357822a59ca1a083d35905aa343e04e7dc8142d038d6c638711417ae821e659de67d3b111238cbf1f60fede78597fd620e683c09f9&pst=1699149781&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectnullsglitter.com
FingerprintD0:9E:53:33:23:F8:3F:A4:F3:66:68:50:0A:38:5A:12:9A:1D:DB:77
ValidityMon, 25 Sep 2023 09:03:18 GMT - Sun, 24 Dec 2023 09:03:17 GMT
File type HTML document, ASCII text, with very long lines (2528)
Hash b856c0af471424eb7855e1406913f46a
3fcc300ed19f99f00a9cb2bd041b8f21591cf4d7
9b050458d15d6d5fa83b97b6c4119db298261670f4b9eaabb96737f1531a38ff
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.618102413893.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=db0b2fa4a8f72cbb28014ae64e66f4fbe6dcf9acd0576a7262261bfaf9a5ba1a72ebd73193fc6952ba68357822a59ca1a083d35905aa343e04e7dc8142d038d6c638711417ae821e659de67d3b111238cbf1f60fede78597fd620e683c09f9&pst=1699149781&rmtc=t HTTP/1.1
Host: nullsglitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19286784; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv26=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs26=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 65963758530554b60b70f2f6a033e4a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET dockaround.com/watch.608624720704.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 dockaround.com/watch.608624720704.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectdockaround.com
FingerprintCA:1E:26:F7:01:37:7C:72:0A:A6:0E:A3:55:41:39:D2:CF:4C:87:7B
ValidityTue, 10 Oct 2023 08:44:39 GMT - Mon, 08 Jan 2024 08:44:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.608624720704.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: dockaround.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://dockaround.com/watch.608624720704.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=7557bedcfd6d6d87882c8bb7db107b367aa5ae3f8fa706aa8780d1e1de85424fee93f7fec052a769866cc6f3d0216a99f5369de317d6018c1017deacf82fc29de1ab395846121377c398ab4c87fff36dfd6d7bcc5df855370f7dc551801a07&pst=1699149781&rmtc=t
Set-Cookie: u_pl=18445737; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0; expires=Sun, 05 Nov 2023 02:03:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ce020fb97c4032f41077d76472f3355
Strict-Transport-Security: max-age=0; includeSubdomains
GET www.youtube.com/generate_204?Uup5Uw
204 No Content 0 B URL GET HTTP/3 www.youtube.com/generate_204?Uup5Uw
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?Uup5Uw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 02:02:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/am=EAalBiA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3WwGas7llVP9AIFtYFK3HUND_T6w/m=_b,_tp
200 OK 65 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/am=EAalBiA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3WwGas7llVP9AIFtYFK3HUND_T6w/m=_b,_tp
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (2507)
Hash 300f3f125bd73131bfbe631999d0f263
a77740551d58f63b5dbcafa9636421b00cee5925
04a86a824cfb60d4a66ee97b90ca96246d24580e707ad5f8a869254e33cd4203
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/am=EAalBiA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3WwGas7llVP9AIFtYFK3HUND_T6w/m=_b,_tp HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 64944
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 03:18:18 GMT
expires: Fri, 01 Nov 2024 03:18:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 31 Oct 2023 19:24:08 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 254623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqg.ttf
200 OK 25 kB URL GET HTTP/3 fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqg.ttf
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409\012- data
Hash cda6379bf499adadf079f7e585a474ca
3a1a96c74ec161bd4d46dcb8e37edcc752b4f1b8
18efa39090ab9f3bb7a3dff927a6c18ce1f7ffd327986d493af0b382172905f6
GET /s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqg.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25417
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 15:53:38 GMT
expires: Sat, 02 Nov 2024 15:53:38 GMT
cache-control: public, max-age=31536000
age: 122903
last-modified: Tue, 21 Feb 2023 21:45:59 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET conductoraspirinmetropolitan.com/watch.1088316585990.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=21fcaa4e4f2afd2f39aa6dcb0be2cb08e595834a2730dabd88fa2d6f0c1031d9a65782c31a17f656268ebeae7a054bec202efd3cc703f392531db9c30db993f5a14a41583a11fe4653d0285cc65c84e0475bee918ae14afaf24a7ecc9a2310&pst=1699149781&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 conductoraspirinmetropolitan.com/watch.1088316585990.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=21fcaa4e4f2afd2f39aa6dcb0be2cb08e595834a2730dabd88fa2d6f0c1031d9a65782c31a17f656268ebeae7a054bec202efd3cc703f392531db9c30db993f5a14a41583a11fe4653d0285cc65c84e0475bee918ae14afaf24a7ecc9a2310&pst=1699149781&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectconductoraspirinmetropolitan.com
Fingerprint9A:D1:7B:30:FD:B5:D3:97:DC:49:27:5C:20:80:26:BA:F5:61:C3:2B
ValidityTue, 10 Oct 2023 08:28:24 GMT - Mon, 08 Jan 2024 08:28:23 GMT
File type HTML document, ASCII text, with very long lines (2514)
Hash 2826a8190286a7ef40dd882f5d52c637
e50fe57eae77abfacea66b3e7b27ab21b395fab6
b7d605ec14637cd249b402cd5cbfb7b56467c170e860d7f5adf05c37f2f4638b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1088316585990.js?key=663539eb42566050ce55e91706150bca&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=21fcaa4e4f2afd2f39aa6dcb0be2cb08e595834a2730dabd88fa2d6f0c1031d9a65782c31a17f656268ebeae7a054bec202efd3cc703f392531db9c30db993f5a14a41583a11fe4653d0285cc65c84e0475bee918ae14afaf24a7ecc9a2310&pst=1699149781&rmtc=t HTTP/1.1
Host: conductoraspirinmetropolitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19286784; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI4Njc4NCwiayI6IjY2MzUzOWViNDI1NjYwNTBjZTU1ZTkxNzA2MTUwYmNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoiaWo0ZWtyNDRhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ub3dkZW15LmJsb2dzcG90LmNvbS8yMDIzLzAyL3Nob3BwaW5nLXdlYnNpdGUtaW4tcGhwLXdpdGgtc291cmNlLWNvZGUuaHRtbD9tPTEifX0.IO2enA6JIZc9nbG3Gv2Z0Wkdfne8jG5OCTP53O4OMbU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv26=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs26=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a91cf263548f50b153ba91849458a1b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET cdn.cloudimagesb.com/cti/ef/e7/2c/efe72c123e30559522d7bc0c3e0c7e80/1663334578.png
200 OK 43 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/ef/e7/2c/efe72c123e30559522d7bc0c3e0c7e80/1663334578.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 160 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 469a70181549a937844e8cb7be2ad6d7
f3d6aad51d76c1a25b03d2b765d1b53c4fc27a35
c8bf9f4cba383ef35ebfadbae98dc7f7f57d092b154a5590f02677c388e447eb
GET /cti/ef/e7/2c/efe72c123e30559522d7bc0c3e0c7e80/1663334578.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: image/png
content-length: 43113
server: nginx/1.21.6
last-modified: Fri, 16 Sep 2022 13:23:06 GMT
etag: "632478ba-a869"
expires: Tue, 07 Nov 2023 02:02:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET dockaround.com/watch.608624720704.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=7557bedcfd6d6d87882c8bb7db107b367aa5ae3f8fa706aa8780d1e1de85424fee93f7fec052a769866cc6f3d0216a99f5369de317d6018c1017deacf82fc29de1ab395846121377c398ab4c87fff36dfd6d7bcc5df855370f7dc551801a07&pst=1699149781&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 dockaround.com/watch.608624720704.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=7557bedcfd6d6d87882c8bb7db107b367aa5ae3f8fa706aa8780d1e1de85424fee93f7fec052a769866cc6f3d0216a99f5369de317d6018c1017deacf82fc29de1ab395846121377c398ab4c87fff36dfd6d7bcc5df855370f7dc551801a07&pst=1699149781&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectdockaround.com
FingerprintCA:1E:26:F7:01:37:7C:72:0A:A6:0E:A3:55:41:39:D2:CF:4C:87:7B
ValidityTue, 10 Oct 2023 08:44:39 GMT - Mon, 08 Jan 2024 08:44:38 GMT
File type HTML document, ASCII text, with very long lines (2452)
Hash 75b24f977018283c7174c68406fff4fa
0b343391aa63b833e194910500f8976ba65907a9
5380640258c72380c5e7643df0f1a3f5213a2dc3d51716f3806d901db302174b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.608624720704.js?key=3ee03f0d1c2940f3daae857204cd9da0&kw=%5B%22shopping%22%2C%22website%22%2C%22in%22%2C%22php%22%2C%22with%22%2C%22source%22%2C%22code%22%5D&refer=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&tz=0&dev=e&res=14.2079&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1&shu=7557bedcfd6d6d87882c8bb7db107b367aa5ae3f8fa706aa8780d1e1de85424fee93f7fec052a769866cc6f3d0216a99f5369de317d6018c1017deacf82fc29de1ab395846121377c398ab4c87fff36dfd6d7bcc5df855370f7dc551801a07&pst=1699149781&rmtc=t HTTP/1.1
Host: dockaround.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
Referer: https://nowdemy.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18445737; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0NTczNywiayI6IjNlZTAzZjBkMWMyOTQwZjNkYWFlODU3MjA0Y2Q5ZGEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUxMzQ4LCJwaWQiOjY3Nzc2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZmdzemZqODEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vd2RlbXkuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvc2hvcHBpbmctd2Vic2l0ZS1pbi1waHAtd2l0aC1zb3VyY2UtY29kZS5odG1sP209MSJ9fQ.sJn4m8aznRSKIcSVSj0OXXTmP3L0bAdkrYczTrR-FM0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Nov 2023 02:02:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e7605c38ff4e570103727043cc89356
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
200 OK 100 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (2219)
Size 100 kB (100299 bytes)
Hash bb86d6c108d1064b06d60255636d030b
769b868ec8d8a36c9a4b2f968d9672b302583e17
ffcaf17f8795b9eaa95deac9546f646725f5eaeeee96edcfd39bd08c72df5ec7
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 100299
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 03:28:33 GMT
expires: Fri, 01 Nov 2024 03:28:33 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 30 Oct 2023 11:10:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 254008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
200 OK 27 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (1127)
Hash bca8040784ef7eea621e90913864bd51
e183df33944c0ebbedc4d04a65ecde8642e39dfb
27cd05b121504b0ed254164e3807517ee108230e3624b4e77d3e229bb5eefb36
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 26661
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 03:34:28 GMT
expires: Fri, 01 Nov 2024 03:34:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 30 Oct 2023 11:10:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 253653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.cloudimagesb.com/cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png
200 OK 33 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 160 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash fb8a0af2c78607cf4c540a8be54248ef
795083ee49378071a4a04505ac40dfb4134acd74
1ad52c531815350c0f4411825fde5553748dd6b14bbc73752c939f6eba73c029
GET /cti/90/fa/55/90fa55e79f85a5822e197862b4c53149/1663334602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: image/png
content-length: 33090
server: nginx/1.21.6
last-modified: Fri, 16 Sep 2022 13:23:30 GMT
etag: "632478d2-8142"
expires: Tue, 07 Nov 2023 02:02:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
200 OK 6.3 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (2956)
Hash 5580650c9ee8278fe5e2db0b2e316abe
dc1fbca467f9c22542b9537d6968b9907fbf0deb
169ce307695aa4cb4a686fc0a8275907a23b5236122de28b27a0b14cd5a3d2b0
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 6306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 03:34:28 GMT
expires: Fri, 01 Nov 2024 03:34:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 30 Oct 2023 11:10:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 253653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png
200 OK 56 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 231d615f0b920b0f0c8758342141193b
ca68f0f6e4c9124bbe61c49d789d0447076b0332
3e24999c26c1c68485e879756ea30639ccee4d7f30f1e2c0e5190818cbab8996
GET /cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: image/png
content-length: 56505
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:14:41 GMT
etag: "61080be1-dcb9"
expires: Tue, 07 Nov 2023 02:02:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
200 OK 687 B URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (756)
Hash ef23fbdfe5f9672717103393098564c7
2521e44f59f177e30606e4a4727164667889e709
05e89469c189499ba5c3175b0a5eb61200ef23fcd724309eb2fdc964daa5f80a
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 687
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 03:34:29 GMT
expires: Fri, 01 Nov 2024 03:34:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 30 Oct 2023 11:10:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 253653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 32 kB URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 901e54a5f5de80b72132022513473881
d181146666570117bf8ea157367a288e7895a58f
07666800711d39daa493331e0e2d609795c79b7e56ea5fbecbab71944fc0a820
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 05 Nov 2023 02:02:02 GMT
server: ESF
cache-control: private
content-length: 32012
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/remote.js
200 OK 34 kB URL GET HTTP/3 www.youtube.com/s/player/9d15588c/player_ias.vflset/en_US/remote.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (537)
Hash f402c83698e962790e687760233c98ac
7b4ea70005245292f4e1c36e896c3320a662e6c6
6840401b7255512c5b9900409a9644d4e9b3cec94134f2154c1b93f80dc7bbc0
GET /s/player/9d15588c/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 07:28:46 GMT
expires: Thu, 31 Oct 2024 07:28:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 325996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.google.com/js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js
200 OK 15 kB URL GET HTTP/2 www.google.com/js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF5:CC:DA:B5:BA:1E:14:14:44:CC:27:90:92:CC:60:1F:5F:08:AF:77
ValidityMon, 16 Oct 2023 08:10:46 GMT - Mon, 08 Jan 2024 08:10:45 GMT
File type ASCII text, with very long lines (37437)
Hash 0bfd0633b594a297f64458c7cb52b02f
5a68334d38407197650d74e9d6cfea5c6b3aa441
41c0002c3d1f2327a3af0770e386d06534a5d12fed7f1a48c23c359a7511ea22
GET /js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14673
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 00:35:27 GMT
expires: Sun, 03 Nov 2024 00:35:27 GMT
cache-control: public, max-age=31536000
age: 91595
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET i.ytimg.com/vi/xys3h4TNXj0/sddefault.jpg
200 OK 55 kB URL GET HTTP/3 i.ytimg.com/vi/xys3h4TNXj0/sddefault.jpg
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint30:FC:ED:56:9F:85:39:F1:1B:87:3B:5E:09:20:49:BB:39:CC:EA:8D
ValidityMon, 16 Oct 2023 08:02:25 GMT - Mon, 08 Jan 2024 08:02:24 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash a4a5c1f610a82fca52e9fae4ed96d1d7
f6e79bcc88ea56915d8a13b0dce350bf907cc9d3
9bfecc0d4d68eea01a1e1e23c697fd97100d6350acc9fc3f4f2421b49d6955c7
GET /vi/xys3h4TNXj0/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 54567
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Nov 2023 02:02:00 GMT
expires: Sun, 05 Nov 2023 04:02:00 GMT
cache-control: public, max-age=7200
age: 2
etag: "1676062106"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 192 kB URL GET HTTP/3 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (1048)
Size 192 kB (192044 bytes)
Hash 18a96ee0b0e661d23712fd28c235da5c
b87f075fe06af4865ff2b9a7a2c1a22dbf652db7
bf0993a28e6d869dcb9aafde9f1862eccad0986228d708c6eb283044bb814f2e
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sun, 05 Nov 2023 02:02:02 GMT
date: Sun, 05 Nov 2023 02:02:02 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET theme-daddy.disqus.com/embed.js
200 OK 26 kB URL GET HTTP/1.1 theme-daddy.disqus.com/embed.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (32007)
Hash 1d401b4d295427b1f0f991734d449323
4ca1584dd5cf4271ce9026fdae3a3d0c6c470a17
005b8c6ec9f4141e6f518627e4b0899c598e842980da15bf0a2911827df74946
GET /embed.js HTTP/1.1
Host: theme-daddy.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25483
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
GET facilitypestilent.com/sbar.json?key=1ae1bd4c7751ee171f884f86505662a5&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
200 OK 3.7 kB URL GET HTTP/1.1 facilitypestilent.com/sbar.json?key=1ae1bd4c7751ee171f884f86505662a5&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
File type JSON data\012- , ASCII text, with very long lines (5641), with no line terminators
Hash 6d336cef6fbf5d6e0e10c2d0787bb331
7e70fe832e122b7e2784ed8a67b063dad158f0b2
8ba0a89f0563c5e9e9b7a1d1d418d2c960b0f99d3759361f5b0a9c195c328625
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=1ae1bd4c7751ee171f884f86505662a5&uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1 HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:02 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nowdemy.blogspot.com
Access-Control-Allow-Origin: https://nowdemy.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18471042; expires=Mon, 06 Nov 2023 02:02:02 GMT; secure; SameSite=None
uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; expires=Sun, 12 Nov 2023 02:02:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Nov 2023 02:02:02 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Nov 2023 02:02:02 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Nov 2023 02:02:02 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Nov 2023 02:02:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5feb842761001236352b63a6a4059a1e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET yt3.ggpht.com/T72tLoUPeJG1eVXs9R1GL0SCF_oFdN8S7qK5S_5gT8EHCq0toFFuu0KRD6Cqp3CqjsaW1fuK=s68-c-k-c0x00ffffff-no-rj
200 OK 3.0 kB URL GET HTTP/3 yt3.ggpht.com/T72tLoUPeJG1eVXs9R1GL0SCF_oFdN8S7qK5S_5gT8EHCq0toFFuu0KRD6Cqp3CqjsaW1fuK=s68-c-k-c0x00ffffff-no-rj
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintCB:BB:D8:FC:60:AA:94:8F:47:5C:88:BB:C3:30:22:92:26:D3:85:2F
ValidityMon, 16 Oct 2023 08:09:46 GMT - Mon, 08 Jan 2024 08:09:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 86aaedb8c17bf2d65ac4d73c5a16c668
da83357037b0fd97d6346a4050b7a17494a66b15
cb36c204911a1478c4695a38ad626ad9e5e7b2a382e2f6ea83e07ac988590a8a
GET /T72tLoUPeJG1eVXs9R1GL0SCF_oFdN8S7qK5S_5gT8EHCq0toFFuu0KRD6Cqp3CqjsaW1fuK=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3009
x-xss-protection: 0
date: Sun, 05 Nov 2023 02:02:00 GMT
expires: Mon, 06 Nov 2023 02:02:00 GMT
cache-control: public, max-age=86400, no-transform
age: 2
etag: "v2"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/generate_204?TvS0fA
204 No Content 0 B URL GET HTTP/3 www.youtube.com/generate_204?TvS0fA
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?TvS0fA HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 02:02:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET facilitypestilent.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu1mXB9eSPy4LCIIIKZtLd6fnlHmTjOhKMm3V3ZcWL1K%2BelKnuaqq6pydBJGxA9jhePXW%2BSTaoYVHwqsjE24KQ8WIO5iDsHyDCepWZBEcfFO9973uH732vPt8tTomPgp503zNbSmu62Kj7tVc%2FDIIrtVWVFoPaoN38uBldqdn%2BG4Hfqfuv1d6RfMMshn7g%2B4Ef1LrKytgMFoMgqPtQ2WEnqHf8ehTWg0aEgf0%2FdoUHRz2I%2Fil5FkpMLh0%2BiKD4GGny7TXpNnKTvf52UmiaG4u%2BOPgg3UhNmSKZl7H1EKcH59Mw7rj7I0y6PxMM0%2F93kKkJ8R79AZYenKsE6%2B%2BfCWUaMgUTT6PsjyH1GIqOwc0OlDgmABe4voY0uX%2Fd2JJunrF0yk7Ihcd%2FQZUTcuH355EmD5a1GtRuGV3kyqQOg7iCGoyhemNkxRHyLQ%2BqPALP70KJX8ji41Wkyd6a0wZKnLwcCxk3miJcaIaRXIh8ThdYizUWoiYL6FKr2Wk12MwhpcZQ8RhaDkGdh2L6lIci9lBkHhJxUmvxqN0W7YagkvOQxUE7juKoQ7kfc3%2BpE6Lg0x2GyLMhuB6C221kdhsbaghb%2FAS3XsGJp%2BDyCfHe%2Fwx9UaGUBKUjKClBqQjKnKDsV%2FtCu9BV94V2BQvOc3iel6qRyXu7dN%2FkPZmS3eyUPDM1z7v8211syJNaQGXARMRbrUYgZdAK4nY7itvNht9oNkPagFMVlHtituqWmpCXPrqNTE3IpTs7YPQITh%2BBqxdAixdBy1Er9EHXR1Hbx1b6fWpKIZPNOtOm5zKT17lJIEyFLL%2BAfNPb1afk8uyYrzyqQfKH5DzAbYXMVvhE%2FUzQ0%2FdGN01J9m6a0pHv1rJcJWqLTg99K6e5vPj1u3KzNFasXHPDr67yKTEtD29Ll6%2FSVKi058g3y0oIabvGckl%2BWHF3JLtRuPXlwqZFtnrjre5KklnpnDLpGFQdf9oEVxNy8er%2B7As%2F92cbyo5hiwpJMVeqzBg824bL5j1nCKyeY5Z5KItqZEM2b2pFoOUcU1bB%2FQezeb3r7qFnPdB8B2lSoW8r9HUFqodwxZOjPLMP3%2Fx1aRZg2hsxbb09pq3%2B4sxap05qsiWbnU7kRy3h%2BywSYRg0JKdLEe3QMIxbyN1Edv%2F%2B8h8AAAD%2F%2FwEAAP%2F%2FL5h8XI8EAAA%3D
200 OK 7 B URL GET HTTP/1.1 facilitypestilent.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu1mXB9eSPy4LCIIIKZtLd6fnlHmTjOhKMm3V3ZcWL1K%2BelKnuaqq6pydBJGxA9jhePXW%2BSTaoYVHwqsjE24KQ8WIO5iDsHyDCepWZBEcfFO9973uH732vPt8tTomPgp503zNbSmu62Kj7tVc%2FDIIrtVWVFoPaoN38uBldqdn%2BG4Hfqfuv1d6RfMMshn7g%2B4Ef1LrKytgMFoMgqPtQ2WEnqHf8ehTWg0aEgf0%2FdoUHRz2I%2Fil5FkpMLh0%2BiKD4GGny7TXpNnKTvf52UmiaG4u%2BOPgg3UhNmSKZl7H1EKcH59Mw7rj7I0y6PxMM0%2F93kKkJ8R79AZYenKsE6%2B%2BfCWUaMgUTT6PsjyH1GIqOwc0OlDgmABe4voY0uX%2Fd2JJunrF0yk7Ihcd%2FQZUTcuH355EmD5a1GtRuGV3kyqQOg7iCGoyhemNkxRHyLQ%2BqPALP70KJX8ji41Wkyd6a0wZKnLwcCxk3miJcaIaRXIh8ThdYizUWoiYL6FKr2Wk12MwhpcZQ8RhaDkGdh2L6lIci9lBkHhJxUmvxqN0W7YagkvOQxUE7juKoQ7kfc3%2BpE6Lg0x2GyLMhuB6C221kdhsbaghb%2FAS3XsGJp%2BDyCfHe%2Fwx9UaGUBKUjKClBqQjKnKDsV%2FtCu9BV94V2BQvOc3iel6qRyXu7dN%2FkPZmS3eyUPDM1z7v8211syJNaQGXARMRbrUYgZdAK4nY7itvNht9oNkPagFMVlHtituqWmpCXPrqNTE3IpTs7YPQITh%2BBqxdAixdBy1Er9EHXR1Hbx1b6fWpKIZPNOtOm5zKT17lJIEyFLL%2BAfNPb1afk8uyYrzyqQfKH5DzAbYXMVvhE%2FUzQ0%2FdGN01J9m6a0pHv1rJcJWqLTg99K6e5vPj1u3KzNFasXHPDr67yKTEtD29Ll6%2FSVKi058g3y0oIabvGckl%2BWHF3JLtRuPXlwqZFtnrjre5KklnpnDLpGFQdf9oEVxNy8er%2B7As%2F92cbyo5hiwpJMVeqzBg824bL5j1nCKyeY5Z5KItqZEM2b2pFoOUcU1bB%2FQezeb3r7qFnPdB8B2lSoW8r9HUFqodwxZOjPLMP3%2Fx1aRZg2hsxbb09pq3%2B4sxap05qsiWbnU7kRy3h%2BywSYRg0JKdLEe3QMIxbyN1Edv%2F%2B8h8AAAD%2F%2FwEAAP%2F%2FL5h8XI8EAAA%3D
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu1mXB9eSPy4LCIIIKZtLd6fnlHmTjOhKMm3V3ZcWL1K%2BelKnuaqq6pydBJGxA9jhePXW%2BSTaoYVHwqsjE24KQ8WIO5iDsHyDCepWZBEcfFO9973uH732vPt8tTomPgp503zNbSmu62Kj7tVc%2FDIIrtVWVFoPaoN38uBldqdn%2BG4Hfqfuv1d6RfMMshn7g%2B4Ef1LrKytgMFoMgqPtQ2WEnqHf8ehTWg0aEgf0%2FdoUHRz2I%2Fil5FkpMLh0%2BiKD4GGny7TXpNnKTvf52UmiaG4u%2BOPgg3UhNmSKZl7H1EKcH59Mw7rj7I0y6PxMM0%2F93kKkJ8R79AZYenKsE6%2B%2BfCWUaMgUTT6PsjyH1GIqOwc0OlDgmABe4voY0uX%2Fd2JJunrF0yk7Ihcd%2FQZUTcuH355EmD5a1GtRuGV3kyqQOg7iCGoyhemNkxRHyLQ%2BqPALP70KJX8ji41Wkyd6a0wZKnLwcCxk3miJcaIaRXIh8ThdYizUWoiYL6FKr2Wk12MwhpcZQ8RhaDkGdh2L6lIci9lBkHhJxUmvxqN0W7YagkvOQxUE7juKoQ7kfc3%2BpE6Lg0x2GyLMhuB6C221kdhsbaghb%2FAS3XsGJp%2BDyCfHe%2Fwx9UaGUBKUjKClBqQjKnKDsV%2FtCu9BV94V2BQvOc3iel6qRyXu7dN%2FkPZmS3eyUPDM1z7v8211syJNaQGXARMRbrUYgZdAK4nY7itvNht9oNkPagFMVlHtituqWmpCXPrqNTE3IpTs7YPQITh%2BBqxdAixdBy1Er9EHXR1Hbx1b6fWpKIZPNOtOm5zKT17lJIEyFLL%2BAfNPb1afk8uyYrzyqQfKH5DzAbYXMVvhE%2FUzQ0%2FdGN01J9m6a0pHv1rJcJWqLTg99K6e5vPj1u3KzNFasXHPDr67yKTEtD29Ll6%2FSVKi058g3y0oIabvGckl%2BWHF3JLtRuPXlwqZFtnrjre5KklnpnDLpGFQdf9oEVxNy8er%2B7As%2F92cbyo5hiwpJMVeqzBg824bL5j1nCKyeY5Z5KItqZEM2b2pFoOUcU1bB%2FQezeb3r7qFnPdB8B2lSoW8r9HUFqodwxZOjPLMP3%2Fx1aRZg2hsxbb09pq3%2B4sxap05qsiWbnU7kRy3h%2BywSYRg0JKdLEe3QMIxbyN1Edv%2F%2B8h8AAAD%2F%2FwEAAP%2F%2FL5h8XI8EAAA%3D HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Cookie: u_pl=18471042; uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:02 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58b0b7d0b19b3ada14ce03bca1385d6d
Strict-Transport-Security: max-age=0; includeSubdomains
GET theme-daddy.disqus.com/recommendations.js
200 OK 21 kB URL GET HTTP/1.1 theme-daddy.disqus.com/recommendations.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (32027)
Hash 6d6ba67b161f27ab8bc2addfd3d07a20
c13d2b96545a4f6d6a83abf553829e90a24ec415
6ac77c263cd13ce2d3f9f01b07b2ec3ac6a2cb8314ac7e54120bd3a9734fa613
GET /recommendations.js HTTP/1.1
Host: theme-daddy.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 21215
Server: openresty
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
GET cdn.barscreative1.com/sb/notifications/software/us/norton/1/index.html
200 OK 804 B URL GET HTTP/2 cdn.barscreative1.com/sb/notifications/software/us/norton/1/index.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintCB:0F:87:85:B0:83:8B:5C:86:E5:81:91:9D:F5:ED:C4:A2:B6:B1:BE
ValidityTue, 12 Sep 2023 01:01:21 GMT - Mon, 11 Dec 2023 01:01:20 GMT
File type HTML document text\012- HTML document, ASCII text
Hash 3be2a223ed1b1c36a153f54be2c83f27
ec1a98749afdd4b466d1834239572161f4483f56
a3ae56824eb2005ad2daea5baa21fe6f0fa44891f59c34aed64b7232f59354c6
GET /sb/notifications/software/us/norton/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:02 GMT
content-type: text/html; charset=utf-8
content-length: 804
server: nginx/1.21.6
last-modified: Wed, 17 Feb 2021 11:42:48 GMT
etag: "602d0138-324"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Sun, 05 Nov 2023 03:02:02 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
OPTIONS jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL OPTIONS HTTP/3 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 3aed9303df2994178c4e455857d668a3
42b5f5f437cde5795f86a57f24e6df0c9434e975
7dc0487d2a05fc315d0caf25f90595b1416f89a130feea8f2f345247bf6a9f07
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1352
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 05 Nov 2023 02:02:02 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 13:37:59 GMT
expires: Sun, 03 Nov 2024 13:37:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/css
vary: Accept-Encoding
age: 44643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET c.disquscdn.com/next/embed/assets/img/disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg
200 OK 1.0 kB URL GET HTTP/2 c.disquscdn.com/next/embed/assets/img/disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a621bea3e02c9fa04fd3965a3d6f424d
c376cb16643617a721534d5a4cb6b9ccb87aed49
ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64
GET /next/embed/assets/img/disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 1042
date: Mon, 24 Jul 2023 07:19:29 GMT
server: nginx
last-modified: Wed, 12 Jul 2023 14:04:56 GMT
etag: "64aeb308-412"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 23 Jul 2024 07:19:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nzQDgMfpxzyH-1Fzs-WY8WQiT9ncwZmOyWM5uwE5mMCda38J7A0Epw==
age: 8966553
X-Firefox-Spdy: h2
2.8 kB URL disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2981)
Hash 37c70cb70b0f4c7bf7fd0f307cb967d9
39c0fe6515d5d93ee0cb1e1b8b59d19dceb8b232
7d8dd67af902517e6913cd0b49c02011b666ec4c15b7f780cb5460aa3aa1db06
GET /embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2845
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 09 Jul 2023 17:58:22 GMT
ETag: W/"lounge:view:9732243932.a100ad1338140ea66eeb58accadeadf8.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type ASCII text, with very long lines (537)
Size 191 kB (191376 bytes)
Hash 0de5995e9ac19853eeffb8bbe74e6a7d
719e6fbcd0b38df859a6f7a8c51a820d7bf5970d
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37
GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 19:31:24 GMT
expires: Sat, 02 Nov 2024 19:31:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 109838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET nowdemy.blogspot.com/favicon.ico
200 OK 412 B URL GET HTTP/3 nowdemy.blogspot.com/favicon.ico
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint1F:9F:66:61:40:8F:19:DE:30:44:23:EA:EB:6E:C0:FC:6D:58:69:25
ValidityMon, 16 Oct 2023 08:08:16 GMT - Mon, 08 Jan 2024 08:08:15 GMT
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: nowdemy.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=fdef56d2-624e-40ca-b7b5-46b1a376975b%3A1%3A1; sb_main_1ae1bd4c7751ee171f884f86505662a5=1; sb_count_1ae1bd4c7751ee171f884f86505662a5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon
expires: Sun, 05 Nov 2023 02:02:02 GMT
date: Sun, 05 Nov 2023 02:02:02 GMT
cache-control: private, max-age=86400
last-modified: Fri, 03 Nov 2023 00:37:38 GMT
etag: W/"e494b59e9d0aadd8ab86505991bf71a30206b7dc71e3fc04bb9e716d5046d28c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=theme-daddy&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%2325a186&colorScheme=light&sourceUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&typeface=serif&canonicalUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html&disqus_version=current
200 OK 10 kB URL GET HTTP/1.1 tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=theme-daddy&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%2325a186&colorScheme=light&sourceUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&typeface=serif&canonicalUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html&disqus_version=current
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGlobalSign nv-sa
Subject*.services.disqus.com
Fingerprint50:A1:DE:0D:FF:87:C9:55:D3:07:CE:35:8A:C5:E9:9D:3F:9E:78:9E
ValidityTue, 08 Aug 2023 17:50:10 GMT - Sun, 08 Sep 2024 17:50:09 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (754)
Hash 6d559778ec52ed0421875261177691d8
c9ce6c81a0a7d0ca99f5c26826a74819dae61ed3
a7e7020122c29e94cbf1cf2df2031ae737d16656d23c858ba88b92797e5fee25
GET /ads-iframe/taboola/?position=bottom&shortname=theme-daddy&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%2325a186&colorScheme=light&sourceUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&typeface=serif&canonicalUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html&disqus_version=current HTTP/1.1
Host: tempest.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 9969
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding,
Cross-Origin-Resource-Policy: cross-origin
OPTIONS play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/3 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 05 Nov 2023 02:02:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+599; expires=Tue, 04-Nov-2025 02:02:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 02:02:02 GMT
cache-control: private
GET tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=theme-daddy&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%2325a186&colorScheme=light&sourceUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&typeface=serif&canonicalUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html&disqus_version=current
200 OK 10 kB URL GET HTTP/1.1 tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=theme-daddy&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%2325a186&colorScheme=light&sourceUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&typeface=serif&canonicalUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html&disqus_version=current
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGlobalSign nv-sa
Subject*.services.disqus.com
Fingerprint50:A1:DE:0D:FF:87:C9:55:D3:07:CE:35:8A:C5:E9:9D:3F:9E:78:9E
ValidityTue, 08 Aug 2023 17:50:10 GMT - Sun, 08 Sep 2024 17:50:09 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (748)
Hash 4073b95ae3171c5ddb5a10f1a0517cc4
1f4aec54938dfbb2f5ab0d94006a84300392471d
87e29ff608afca1bedf5ab08dfcf2cc12f2918061bf24386d3f7020ac5900ace
GET /ads-iframe/taboola/?position=top&shortname=theme-daddy&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%2325a186&colorScheme=light&sourceUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&typeface=serif&canonicalUrl=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html&disqus_version=current HTTP/1.1
Host: tempest.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 9967
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding,
Cross-Origin-Resource-Policy: cross-origin
GET facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Findex.html&l=804&fd=223
200 OK 0 B URL GET HTTP/1.1 facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Findex.html&l=804&fd=223
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Findex.html&l=804&fd=223 HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Cookie: u_pl=18471042; uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
OPTIONS play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/3 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 869
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 05 Nov 2023 02:02:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+688; expires=Tue, 04-Nov-2025 02:02:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 02:02:02 GMT
2.4 kB URL disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2917)
Hash 9d061bd354780c9666c15f6eb8dce5ec
ed1bfa02ffc0306387a1c551185be89772634c51
d9ff75fcb4e2aa06d93d569a2cc0784b0e12ac10a9012a85c781bf7ecafdff2a
GET /recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2375
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 09 Jul 2023 17:58:22 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET cdn.creative-bars1.com/sb/notifications/software/us/norton/1/img/bg.jpg
200 OK 58 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/norton/1/img/bg.jpg
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=250, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=970], progressive, precision 8, 970x250, components 3\012- data
Hash 93db86920aaf5aa1cb2f1b727b06dfe8
bce81c9da296929263f7ec1e606616a97ab42b9d
d67bdc40107fb5f7db687092375adbce71dcf6faec40d1c5c9c50c3c9e6d5ca7
GET /sb/notifications/software/us/norton/1/img/bg.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:02 GMT
content-type: image/jpeg
content-length: 58368
last-modified: Wed, 17 Feb 2021 11:45:02 GMT
etag: "602d01be-e400"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 11628787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnZYUEbiqgC6gYFCc4xwox8%2Fwil4jzvBEplkzM%2FBigGqjgA3mge%2B7VjYJ93oQVdNN4zFZs3HU1vT104WS6Fuq2%2BYYdx2doufNF1bZI7Yc6u9GSe6fgnYge6yA3ObrgUvVFbYOvIDMe4q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82118327ea7d71a5-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.creative-bars1.com/sb/notifications/software/us/norton/1/img/close.png
200 OK 1.8 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/norton/1/img/close.png
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash c1b8f53c3afa0fdd5be48e6bfdbbb6fa
eeb2cd8d17e3abe135865be77330b8519f6bceb2
8f5d7d0bf69b5fcb8a110dd7c79948e70c860440b6ecc803a20ababe193a1af0
GET /sb/notifications/software/us/norton/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:02 GMT
content-type: image/png
content-length: 1778
last-modified: Wed, 17 Feb 2021 11:45:01 GMT
etag: "602d01bd-6f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 321489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzEJrPftrvGbH7OWj%2FUpsyTSq85sbfyLbZMBkd4%2B1ix%2FRNDL2cSSo%2FJ%2F0sRXGp5CzlPxrET86EfOEeOtmFK5%2BUSozMvZKLVvA8Vn7JcbZ%2FSqDy%2B6neDB68r85moK9ciYEkavsXozdpl9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82118327ea8271a5-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 05:14:09 GMT
expires: Tue, 07 Nov 2023 05:14:09 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 420473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET c.disquscdn.com/next/embed/lounge.load.685fe71837a5e31e62ed92d8c3551184.js
200 OK 630 B URL GET HTTP/2 c.disquscdn.com/next/embed/lounge.load.685fe71837a5e31e62ed92d8c3551184.js
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (1261), with no line terminators
Hash 3bbae6cce6dacfafdb03eb9685ece129
8556b30438f22865a98f23766d3c173a64ccee68
d258255f8d4b26a86043c320916e9f941173077c37cf4a574c8c0f7b197a98dc
GET /next/embed/lounge.load.685fe71837a5e31e62ed92d8c3551184.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 630
date: Wed, 01 Nov 2023 19:19:51 GMT
server: nginx
last-modified: Wed, 01 Nov 2023 19:12:20 GMT
etag: "6542a314-276"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 31 Oct 2024 19:19:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ix9UHUpJzL788MK1_3Pl2uOn_RE5RvW3z82H7SukvXVd55gjbZWocw==
age: 283331
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 23:51:35 GMT
expires: Fri, 01 Nov 2024 23:51:35 GMT
cache-control: public, max-age=31536000
age: 180627
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 22:20:01 GMT
expires: Sat, 02 Nov 2024 22:20:01 GMT
cache-control: public, max-age=31536000
age: 99721
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET c.disquscdn.com/next/embed/common.bundle.3e8d5264f612390a04ecdea992b7df6b.js
200 OK 94 kB URL GET HTTP/2 c.disquscdn.com/next/embed/common.bundle.3e8d5264f612390a04ecdea992b7df6b.js
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (32023)
Hash 0fdd93e18c44bd1b15406d57054b245c
c441b6a3932e2cdf704236625bdd45db1cdb2ea3
dc14b3341a10d1867708850459c8ab87a5a4fef6f8f7ef1a68538e5b64d4ed9e
GET /next/embed/common.bundle.3e8d5264f612390a04ecdea992b7df6b.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94105
date: Mon, 30 Oct 2023 17:45:30 GMT
server: nginx
last-modified: Fri, 27 Oct 2023 19:23:37 GMT
etag: "653c0e39-16f99"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 29 Oct 2024 17:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: whPOdG04LtqcngD84slPNpY9cNST5B9ZxAVzVlm052tsb76R7yT-RQ==
age: 461792
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/recommendations/recommendations.load.eb0c60370b580548a4605937dbb36701.js
200 OK 448 B URL GET HTTP/2 c.disquscdn.com/next/recommendations/recommendations.load.eb0c60370b580548a4605937dbb36701.js
IP
Requested by https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code#version=eb0c60370b580548a4605937dbb36701
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (923), with no line terminators
Hash 3b8a775a2f8019e30ec905a4486f557c
2acc33da308ac3325eb1f667b085334c6af370f1
cdb860cf06994f8b9d567889e4a67ecc713fd6daea0ea543b6563600d3955384
GET /next/recommendations/recommendations.load.eb0c60370b580548a4605937dbb36701.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 448
date: Tue, 31 Oct 2023 14:00:57 GMT
server: nginx
last-modified: Tue, 31 Oct 2023 13:53:35 GMT
etag: "654106df-1c0"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Oct 2024 14:00:57 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ag_VWvC8AepKQ6mXJbhKjKmE4OA92kn1HM65sqNL2r9AfJq-yMBzFQ==
age: 388866
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/recommendations/common.bundle.df6a6e8dc147ce1d3f64f949d51c9e44.js
200 OK 89 kB URL GET HTTP/2 c.disquscdn.com/next/recommendations/common.bundle.df6a6e8dc147ce1d3f64f949d51c9e44.js
IP
Requested by https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code#version=eb0c60370b580548a4605937dbb36701
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (32023)
Hash 0bf7d3adbdd6ec4df4157de33d9ed726
b4825a6714483aaea7bc0334cdcd66910d8a21f7
064d07463dd54e9ad9d94d1ba57596c810383f6cae5914973738221027349d5a
GET /next/recommendations/common.bundle.df6a6e8dc147ce1d3f64f949d51c9e44.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 88798
date: Mon, 30 Oct 2023 17:45:21 GMT
server: nginx
last-modified: Fri, 27 Oct 2023 19:23:37 GMT
etag: "653c0e39-15ade"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 29 Oct 2024 17:45:21 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P0JhQbxf7hfwqh1giSE3WhT5hl6PxNa6jKclHgH6UntxHXCjmej13Q==
age: 461802
X-Firefox-Spdy: h2
GET www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type ASCII text, with very long lines (537)
Size 191 kB (191376 bytes)
Hash 0de5995e9ac19853eeffb8bbe74e6a7d
719e6fbcd0b38df859a6f7a8c51a820d7bf5970d
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37
GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 19:31:24 GMT
expires: Sat, 02 Nov 2024 19:31:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 109839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
200 OK 1.7 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint75:53:9F:32:2C:07:BD:E7:26:FE:91:BD:A8:0F:85:6C:DE:21:40:BB
ValidityMon, 16 Oct 2023 08:02:00 GMT - Mon, 08 Jan 2024 08:01:59 GMT
File type ASCII text, with very long lines (732)
Hash 38ed4de7c9bf1206f1289155eb0984b2
8188204c9913bc6d01c969d25f34461246b2e42d
4597c85f6469dbdf2887e387caf52f22acff7831da91a7e6538bec642083a2d0
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.ykEskbx6XmA.es5.O/ck=boq-blogger.BloggerCommentUi.9VEhUmOUISI.L.F4.O/am=EAalBiA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2g25VI0wS0raSnLDUUcKG4kkHAWg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1661
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 03:32:27 GMT
expires: Fri, 01 Nov 2024 03:32:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 30 Oct 2023 11:10:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 253776
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
200 OK 33 kB URL GET HTTP/2 c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (65469)
Hash f858ca6db5248292eb007a3e8be26b0e
3510f64da62385f3deea82760b65bf7a5b0deaff
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
GET /next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 33282
date: Sat, 22 Jul 2023 16:09:12 GMT
server: nginx
last-modified: Wed, 12 Jul 2023 14:04:56 GMT
etag: "64aeb308-8202"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 21 Jul 2024 16:09:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ETNw-6OOVYHCxh5OzO8HYLlel-eZZzNPcEW_SR-bEql0YSE7LdT44A==
age: 9107571
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
200 OK 3.0 kB URL GET HTTP/2 c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
IP
Requested by https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code#version=eb0c60370b580548a4605937dbb36701
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (14286), with no line terminators
Hash ab396baf8c17df5fb6a6a8e2632f2fef
dc6faa2a85c8b906848c45fc2a7a98d7480b10b6
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
GET /next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 2968
date: Thu, 21 Sep 2023 06:34:19 GMT
server: nginx
last-modified: Wed, 20 Sep 2023 10:55:06 GMT
etag: "650acf8a-b98"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 20 Sep 2024 06:34:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NGDneo1gZB4hA36l66XP6h6-ZWBhTBk-VvEWwn2Xj8QPIWXPmli7qw==
age: 3871664
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/embed/lounge.bundle.ba0c3df892494c1973d91c84130fde4c.js
200 OK 131 kB URL GET HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.ba0c3df892494c1973d91c84130fde4c.js
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (32055)
Size 131 kB (131041 bytes)
Hash 23ca23c49e188d5fd6c41ab9c3fa1ab5
6fbb60987870b3b39bc5ddb0723bf555b2d497b4
8b2c02e3dcaf6c284e857beb30bd5459a3eab22b90aac5d5af254f4298c692fb
GET /next/embed/lounge.bundle.ba0c3df892494c1973d91c84130fde4c.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 131041
date: Wed, 01 Nov 2023 19:19:52 GMT
server: nginx
last-modified: Wed, 01 Nov 2023 19:12:20 GMT
etag: "6542a314-1ffe1"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 31 Oct 2024 19:19:52 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oHUwl8a1xZJYiHzO5aQf5QW6MJD6ihG4Bhe9bPhBC2eGgBOu7tJzrg==
age: 283331
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/recommendations/recommendations.bundle.b1d305f840327c58f4ac9b236b8cd735.js
200 OK 20 kB URL GET HTTP/2 c.disquscdn.com/next/recommendations/recommendations.bundle.b1d305f840327c58f4ac9b236b8cd735.js
IP
Requested by https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code#version=eb0c60370b580548a4605937dbb36701
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32081)
Hash cd4962bdf46bc7893b8a488c9868a081
7ba635ef465c5d5f11459f90efa09f1fa338d03f
47d4cc8f41a50c8835c9f83a13ab174866b9f82a24ea590b854574a6773a071a
GET /next/recommendations/recommendations.bundle.b1d305f840327c58f4ac9b236b8cd735.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 20373
date: Tue, 31 Oct 2023 14:00:58 GMT
server: nginx
last-modified: Tue, 31 Oct 2023 13:53:35 GMT
etag: "654106df-4f95"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Oct 2024 14:00:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m9j1CsZ7mdzsGecShaLQFyswpRkyy67RCaFW3XNz9VJQDHSi3hThdg==
age: 388865
X-Firefox-Spdy: h2
GET disqus.com/next/config.js
200 OK 19 kB URL GET HTTP/1.1 disqus.com/next/config.js
IP
Requested by https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code#version=eb0c60370b580548a4605937dbb36701
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (19162), with no line terminators
Hash b15f3e22492c900cab8f4821633f8a7c
aa305b3cd6c760140e985164e683f4b110f064ad
df411420efe3c7ca46a26c969ba790335e06c51f843f25b201a725724141f75b
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 19162
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Age: 29
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET disqus.com/next/config.js
200 OK 19 kB URL GET HTTP/1.1 disqus.com/next/config.js
IP
Requested by https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code#version=eb0c60370b580548a4605937dbb36701
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (19162), with no line terminators
Hash b15f3e22492c900cab8f4821633f8a7c
aa305b3cd6c760140e985164e683f4b110f064ad
df411420efe3c7ca46a26c969ba790335e06c51f843f25b201a725724141f75b
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 19162
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Age: 29
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fcss%2Fanimate.css&l=79249&fd=511
200 OK 0 B URL GET HTTP/1.1 facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fcss%2Fanimate.css&l=79249&fd=511
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fcss%2Fanimate.css&l=79249&fd=511 HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Cookie: u_pl=18471042; uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view
200 OK 43 B URL GET HTTP/1.1 referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/stat.gif?event=lounge.loading.view HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Cross-Origin-Resource-Policy: cross-origin
GET referrer.disqus.com/juggler/event.gif?imp=8fnrrss19ucl3f&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=theme-daddy&zone=thread&version=685fe71837a5e31e62ed92d8c3551184&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive§ion=default&verb=call&adjective=1&forum_id=4314102
200 OK 43 B URL GET HTTP/1.1 referrer.disqus.com/juggler/event.gif?imp=8fnrrss19ucl3f&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=theme-daddy&zone=thread&version=685fe71837a5e31e62ed92d8c3551184&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive§ion=default&verb=call&adjective=1&forum_id=4314102
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?imp=8fnrrss19ucl3f&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=theme-daddy&zone=thread&version=685fe71837a5e31e62ed92d8c3551184&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive§ion=default&verb=call&adjective=1&forum_id=4314102 HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Cross-Origin-Resource-Policy: cross-origin
GET referrer.disqus.com/juggler/event.gif?imp=8fnrrss19ucl3f&experiment=prebidbidisrequired&variant=active&service=dynamic&area=bottom&product=embed&forum=theme-daddy&zone=thread&version=685fe71837a5e31e62ed92d8c3551184&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive§ion=default&verb=call&adjective=1&forum_id=4314102
200 OK 43 B URL GET HTTP/1.1 referrer.disqus.com/juggler/event.gif?imp=8fnrrss19ucl3f&experiment=prebidbidisrequired&variant=active&service=dynamic&area=bottom&product=embed&forum=theme-daddy&zone=thread&version=685fe71837a5e31e62ed92d8c3551184&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive§ion=default&verb=call&adjective=1&forum_id=4314102
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?imp=8fnrrss19ucl3f&experiment=prebidbidisrequired&variant=active&service=dynamic&area=bottom&product=embed&forum=theme-daddy&zone=thread&version=685fe71837a5e31e62ed92d8c3551184&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive§ion=default&verb=call&adjective=1&forum_id=4314102 HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Cross-Origin-Resource-Policy: cross-origin
GET disqus.com/api/3.0/forums/details?forum=theme-daddy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 3.2 kB URL GET HTTP/1.1 disqus.com/api/3.0/forums/details?forum=theme-daddy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (3178), with no line terminators
Hash 1b523c57e551e29377123310becb8d49
73d7cba75efeb172e7b1d83bbad80859b22df320
060ef41f4677d077509807af71ef257641d2bc970b67f8a1409d3455daa5cef0
GET /api/3.0/forums/details?forum=theme-daddy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3178
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET cdn.creative-bars1.com/sb/notifications/software/us/norton/1/css/style.css
200 OK 726 B URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/norton/1/css/style.css
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 3306137487d661212d141a804b7742f7
e5bb14beb2e657ec16ae4e9e0078ab3c3c435d4a
a3047fbec2592af62ba063d356dade74c1d6314b8eb73539bd7a8d60d53683e5
GET /sb/notifications/software/us/norton/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:03 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:44:59 GMT
etag: W/"602d01bb-907"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcYmquHBxVESPmskiiubNuT3MOpVRoJisR%2B%2FYJ1JP1f6o4wtzXxlHGa9tdO8vz7EeLQ9eWCc5Zy5Iygs1VIB4GWk5QZzG2t%2Fe06e%2BgBV2mvD7hbS7Mw1hSmaT9Aj0zCgAkScjziSbNR2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82118327da7871a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET disqus.com/api/3.0/forums/details?forum=theme-daddy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 3.2 kB URL GET HTTP/1.1 disqus.com/api/3.0/forums/details?forum=theme-daddy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (3178), with no line terminators
Hash 1b523c57e551e29377123310becb8d49
73d7cba75efeb172e7b1d83bbad80859b22df320
060ef41f4677d077509807af71ef257641d2bc970b67f8a1409d3455daa5cef0
GET /api/3.0/forums/details?forum=theme-daddy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3178
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
200 OK 27 kB URL GET HTTP/2 c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (32024)
Hash 6a2058c1873047f445835a25ca19ca8c
c05084762dc4cfafe00c2a7daab90e27ae94d783
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Wed, 27 Sep 2023 08:53:26 GMT
server: nginx
last-modified: Tue, 26 Sep 2023 16:46:05 GMT
etag: "65130acd-67d2"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 26 Sep 2024 08:53:26 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rZXNvxZB3E-rTdzcQHfthANTpk-Ct2GZC-oV3LhymWSCqpwdQwpA5A==
age: 3344917
X-Firefox-Spdy: h2
GET c.disquscdn.com/uploads/forums/431/4102/avatar92.jpg?1483870592
200 OK 3.0 kB URL GET HTTP/2 c.disquscdn.com/uploads/forums/431/4102/avatar92.jpg?1483870592
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Hash 577fdbcd26313e95db9107fad16bdb87
e55acbfa94d6bd519f325adda9dc422e9456cf5d
6eee213c5095c7363605b5835e737dd21119b92f042edb3801e4a638fc6fcedc
GET /uploads/forums/431/4102/avatar92.jpg?1483870592 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3026
date: Fri, 21 Jul 2023 04:55:37 GMT
server: nginx
last-modified: Sun, 08 Jan 2017 10:16:33 GMT
etag: "577fdbcd26313e95db9107fad16bdb87"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 20 Jul 2024 04:55:37 GMT
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8OVqz-7EKuZ-EglfPLnuOBod2YD4IoAwB5g4uBMJ0fToe0vq2RNeiA==
age: 9234386
X-Firefox-Spdy: h2
GET disqus.com/api/3.0/discovery/listRecommendations.json?forum=theme-daddy&thread=url%3Ahttps%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 6.7 kB URL GET HTTP/1.1 disqus.com/api/3.0/discovery/listRecommendations.json?forum=theme-daddy&thread=url%3Ahttps%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
Requested by https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code#version=eb0c60370b580548a4605937dbb36701
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (6669), with no line terminators
Hash f028e58683cafba6040b73e9c6bbed48
6b08a926eb16f3e1e9a3e76cbda5462099c3f6e3
b973d18ff4bd13b2ee0203c393624c08aa5a1bd7067b14a0cad4a89cc10906ba
GET /api/3.0/discovery/listRecommendations.json?forum=theme-daddy&thread=url%3Ahttps%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 6669
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Age: 0
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
200 OK 13 kB URL GET HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Thu, 21 Sep 2023 06:33:56 GMT
server: nginx
last-modified: Wed, 20 Sep 2023 10:55:07 GMT
etag: "650acf8b-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 20 Sep 2024 06:33:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FEYxY535mxQrF5l12W9_m6IXieGiSDqb1kOfNKo3MU-nsFNfF6vCVA==
age: 3871687
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
200 OK 3.0 kB URL GET HTTP/2 c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type GIF image data, version 87a, 62 x 20\012- data
Hash ba7c86e8b4b6135bb668d05223f8f127
ae07a576af9eab682281921075436798438e902e
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
GET /next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2971
date: Sun, 20 Aug 2023 12:05:10 GMT
server: nginx
last-modified: Wed, 02 Aug 2023 23:18:56 GMT
etag: "64cae460-b9b"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Mon, 19 Aug 2024 12:05:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7nf8J2t2iGJfe9ic90FRi1CJlWPe6EtflQKBg36zQJ5_hzYL2HHvww==
age: 6616613
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
200 OK 840 B URL GET HTTP/2 c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (736)
Hash 727e30eb9b6c1e85cb010b9c8eb04c7e
5b7ed3f88c4d25d1d9e15bbd15af68daf5c573b4
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
GET /next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 840
date: Thu, 21 Sep 2023 03:03:24 GMT
server: nginx
last-modified: Wed, 20 Sep 2023 10:55:06 GMT
etag: "650acf8a-348"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 20 Sep 2024 03:03:24 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qeEr-8HdnHigvuqr7EncYwDQHlENTtmOS0Y6bznblDJ7eKrp-444tQ==
age: 3884318
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
200 OK 891 B URL GET HTTP/2 c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (787)
Hash 8c96be6b50de1c3fab838c5f050e0be5
d0eb4a80710c083c77020cc3b6cd6756cf0bca60
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
GET /next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 891
date: Wed, 26 Jul 2023 18:48:11 GMT
server: nginx
last-modified: Wed, 26 Jul 2023 16:31:55 GMT
etag: "64c14a7b-37b"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 25 Jul 2024 18:48:11 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tlN7tP8OvDP2sqBqyUrwI5upo0oubxKjg9cndwRBEZgb2uuroe2j4g==
age: 8752432
X-Firefox-Spdy: h2
GET cdn.creative-bars1.com/sb/notifications/software/us/norton/1/css/animate.css
200 OK 5.5 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/norton/1/css/animate.css
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
GET /sb/notifications/software/us/norton/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:03 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:45:00 GMT
etag: W/"602d01bc-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BtqV9RLbaoLK%2F1fvW2Ny27YOvsG8PAQrbHh%2BopC%2BcAC%2BMwaYcf62K%2B3I8c6xTRy2TTl%2FDUC0XTfbbQNy4Ao%2B8BxFg%2BWd0XFTlSf3ce%2FFlAWC%2BT%2Fs0nZ9p6fLNgR4E%2FL3WAgQxQ4erXX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82118327da7b71a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.creative-bars1.com/sb/notifications/software/us/norton/1/js/script.js
200 OK 8.1 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/norton/1/js/script.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 2c74052305c8fdb7d12d52f9b5d49f95
f56cdefd437d28e3e238c57a92108f3af9dbecea
b709aa45ff7eb1d6c667ceaeb90df1340dcfe97f3c620c2efd58f2335d5f1aeb
GET /sb/notifications/software/us/norton/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:03 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:45:00 GMT
etag: W/"602d01bc-181"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2FnecxKjRfavE62XJc%2FHZwfzHR5EjjEWisPvcHEoLT42KcPtdj%2Fog1PJS38z6zWLXEEjZs9MnR5EW3z0CkV0x8k2Emzu84EnSqdYpSP0SztW88nsAXQrh5mDRL7eP1DnnOWlDxHmG5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821183282abd71a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
200 OK 1.8 kB URL GET HTTP/2 c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Hash ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Mon, 24 Jul 2023 12:53:27 GMT
server: nginx
last-modified: Wed, 12 Jul 2023 14:04:56 GMT
etag: "64aeb308-6e3"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 23 Jul 2024 12:53:27 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PkjUecCArV35erMmFjGz0TXztHv9MJ47V5Kg34sLf9BUGbohFbGu4A==
age: 8946516
X-Firefox-Spdy: h2
POST www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1699149723594
Content-Type: application/json
X-Goog-Visitor-Id: CgtKYXg0clJiUFQ5NCiX75uqBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231031.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1699149719568&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C567%2C318&vis=1&wgl=true&ca_type=image
Content-Length: 16970
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 05 Nov 2023 02:02:03 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+670; expires=Tue, 04-Nov-2025 02:02:03 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 02:02:03 GMT
cache-control: private
GET facilitypestilent.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu1hAwnvxxCSgMIqjgznbPdPf0mIMkxpHgmsQkEvEi9asn5VZ3NVXd07OLSEhAchyvnnq%2FySaoISh4VWTWW0DIeHEP7kHIHyBCvMrMLo4%2BKN773vcO3%2Ftefb5THRAfFd0fvGe2ldZ0PWr7rVc%2FDIJTrQ2VV%2BPWOIk%2FjsNTLTt6I%2FD7bf%2B11juSb5r1jh%2F4fuAHrYGyMjXj9SAI2j5Uca8ftPt%2BO%2By0gyjE2P4fu8qDox7E6IA8CyXmJ%2B7dD6H4DHn27VnpNktTvP52VmlaGouRuPtBvpmbOke2KlPrIc3vHk3DuIeDH2Hy3aVgmNG%2Fg0zNiffoD7D87pFKsNHuoVCmIXMw8TTq0QxSz6DoDNzchBIPCcAFzl9Ant05b2xNtw5ZumDn5Njjv6DqOTn2%2B%2FPIs%2FtntBq3LhtdlcrkDuO0gRrPoIYzFNUeym0Pqt4DL29AiV%2FI%2BuMN5NntC04bKLH%2FcipkGsWisxZ3QrkW%2BpyusR6L1sKYBbTbi%2Fu9iC0dUmoGlc6g5QTUeagWT3moUg9V4SET%2B60eD5NEJJGgkvMOS4MkDdOwT7mfcr%2Fb76Diix0mKIsJuJ6A2%2Bso7HVsqgls9RPctQZOPAVXzon3%2FmcYiQa1JKgdQU0JakVQlwT1qNkV2nVcc0doV7HgKHeOcreZmnK4Q3dNOZQ52SkOyDML87yTv93AptxvBVQGTIS814sCKYNekCZJmCZx5Edx3KERnGqg3BPLVbfVnLz00RUUak5OXL0JRvfg9B64egG0ehG0nvY6Pui1aZj42M6%2Fz00tZLbVZtoMXWHKNjcZhGlQlMdQbnk7%2BoCcXB7zlUctSP6AHAW4bVDYBp%2BonwmG%2Btb0kqnJ7UumduS7C0WpMrVNF4e%2BXNJSHv%2F6XblVGyvOnXWTr07zBbEo712RrtyguVD50JFvzighpB0YyyX54Zy7KtnFyl07U9m8KjYuvjU4lxVWOqdMPgNVDz%2BNwdWcHD%2B9u%2FzCz%2F2ZQNkZbNUgq1ZKlZmBF9fhilXPGQKrV5gVHuqqmdoOWzW1ItByhSlr4P6D2arecbcwtB5oeRN51mBkG4x0A6oncNWT07KwD978tbsMMO1Nmbbebaat%2FuLQWqf2W5z7kgasF0gpZNTlPIx5wuK0G%2FZkEokIpZvLwd9f%2FgMAAP%2F%2FAQAA%2F%2F%2FQv9RMjwQAAA%3D%3D
200 OK 7 B URL GET HTTP/1.1 facilitypestilent.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu1hAwnvxxCSgMIqjgznbPdPf0mIMkxpHgmsQkEvEi9asn5VZ3NVXd07OLSEhAchyvnnq%2FySaoISh4VWTWW0DIeHEP7kHIHyBCvMrMLo4%2BKN773vcO3%2Ftefb5THRAfFd0fvGe2ldZ0PWr7rVc%2FDIJTrQ2VV%2BPWOIk%2FjsNTLTt6I%2FD7bf%2B11juSb5r1jh%2F4fuAHrYGyMjXj9SAI2j5Uca8ftPt%2BO%2By0gyjE2P4fu8qDox7E6IA8CyXmJ%2B7dD6H4DHn27VnpNktTvP52VmlaGouRuPtBvpmbOke2KlPrIc3vHk3DuIeDH2Hy3aVgmNG%2Fg0zNiffoD7D87pFKsNHuoVCmIXMw8TTq0QxSz6DoDNzchBIPCcAFzl9Ant05b2xNtw5ZumDn5Njjv6DqOTn2%2B%2FPIs%2FtntBq3LhtdlcrkDuO0gRrPoIYzFNUeym0Pqt4DL29AiV%2FI%2BuMN5NntC04bKLH%2FcipkGsWisxZ3QrkW%2BpyusR6L1sKYBbTbi%2Fu9iC0dUmoGlc6g5QTUeagWT3moUg9V4SET%2B60eD5NEJJGgkvMOS4MkDdOwT7mfcr%2Fb76Diix0mKIsJuJ6A2%2Bso7HVsqgls9RPctQZOPAVXzon3%2FmcYiQa1JKgdQU0JakVQlwT1qNkV2nVcc0doV7HgKHeOcreZmnK4Q3dNOZQ52SkOyDML87yTv93AptxvBVQGTIS814sCKYNekCZJmCZx5Edx3KERnGqg3BPLVbfVnLz00RUUak5OXL0JRvfg9B64egG0ehG0nvY6Pui1aZj42M6%2Fz00tZLbVZtoMXWHKNjcZhGlQlMdQbnk7%2BoCcXB7zlUctSP6AHAW4bVDYBp%2BonwmG%2Btb0kqnJ7UumduS7C0WpMrVNF4e%2BXNJSHv%2F6XblVGyvOnXWTr07zBbEo712RrtyguVD50JFvzighpB0YyyX54Zy7KtnFyl07U9m8KjYuvjU4lxVWOqdMPgNVDz%2BNwdWcHD%2B9u%2FzCz%2F2ZQNkZbNUgq1ZKlZmBF9fhilXPGQKrV5gVHuqqmdoOWzW1ItByhSlr4P6D2arecbcwtB5oeRN51mBkG4x0A6oncNWT07KwD978tbsMMO1Nmbbebaat%2FuLQWqf2W5z7kgasF0gpZNTlPIx5wuK0G%2FZkEokIpZvLwd9f%2FgMAAP%2F%2FAQAA%2F%2F%2FQv9RMjwQAAA%3D%3D
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu1hAwnvxxCSgMIqjgznbPdPf0mIMkxpHgmsQkEvEi9asn5VZ3NVXd07OLSEhAchyvnnq%2FySaoISh4VWTWW0DIeHEP7kHIHyBCvMrMLo4%2BKN773vcO3%2Ftefb5THRAfFd0fvGe2ldZ0PWr7rVc%2FDIJTrQ2VV%2BPWOIk%2FjsNTLTt6I%2FD7bf%2B11juSb5r1jh%2F4fuAHrYGyMjXj9SAI2j5Uca8ftPt%2BO%2By0gyjE2P4fu8qDox7E6IA8CyXmJ%2B7dD6H4DHn27VnpNktTvP52VmlaGouRuPtBvpmbOke2KlPrIc3vHk3DuIeDH2Hy3aVgmNG%2Fg0zNiffoD7D87pFKsNHuoVCmIXMw8TTq0QxSz6DoDNzchBIPCcAFzl9Ant05b2xNtw5ZumDn5Njjv6DqOTn2%2B%2FPIs%2FtntBq3LhtdlcrkDuO0gRrPoIYzFNUeym0Pqt4DL29AiV%2FI%2BuMN5NntC04bKLH%2FcipkGsWisxZ3QrkW%2BpyusR6L1sKYBbTbi%2Fu9iC0dUmoGlc6g5QTUeagWT3moUg9V4SET%2B60eD5NEJJGgkvMOS4MkDdOwT7mfcr%2Fb76Diix0mKIsJuJ6A2%2Bso7HVsqgls9RPctQZOPAVXzon3%2FmcYiQa1JKgdQU0JakVQlwT1qNkV2nVcc0doV7HgKHeOcreZmnK4Q3dNOZQ52SkOyDML87yTv93AptxvBVQGTIS814sCKYNekCZJmCZx5Edx3KERnGqg3BPLVbfVnLz00RUUak5OXL0JRvfg9B64egG0ehG0nvY6Pui1aZj42M6%2Fz00tZLbVZtoMXWHKNjcZhGlQlMdQbnk7%2BoCcXB7zlUctSP6AHAW4bVDYBp%2BonwmG%2Btb0kqnJ7UumduS7C0WpMrVNF4e%2BXNJSHv%2F6XblVGyvOnXWTr07zBbEo712RrtyguVD50JFvzighpB0YyyX54Zy7KtnFyl07U9m8KjYuvjU4lxVWOqdMPgNVDz%2BNwdWcHD%2B9u%2FzCz%2F2ZQNkZbNUgq1ZKlZmBF9fhilXPGQKrV5gVHuqqmdoOWzW1ItByhSlr4P6D2arecbcwtB5oeRN51mBkG4x0A6oncNWT07KwD978tbsMMO1Nmbbebaat%2FuLQWqf2W5z7kgasF0gpZNTlPIx5wuK0G%2FZkEokIpZvLwd9f%2FgMAAP%2F%2FAQAA%2F%2F%2FQv9RMjwQAAA%3D%3D HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Cookie: u_pl=18471042; uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55091bc452a53be34a63bfa9ab5e55cf
Strict-Transport-Security: max-age=0; includeSubdomains
GET referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=375&event=init_embed&thread=9732243932&forum=theme-daddy&forum_id=4314102&imp=8fnrrss19ucl3f&thread_slug=shopping_website_in_php_with_source_code_04&user_type=anon&referrer=https%3A%2F%2Fnowdemy.blogspot.com%2F&theme=next&dnt=1&tracking_enabled=0&experiment=prebidbidisrequired&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true
200 OK 43 B URL GET HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=375&event=init_embed&thread=9732243932&forum=theme-daddy&forum_id=4314102&imp=8fnrrss19ucl3f&thread_slug=shopping_website_in_php_with_source_code_04&user_type=anon&referrer=https%3A%2F%2Fnowdemy.blogspot.com%2F&theme=next&dnt=1&tracking_enabled=0&experiment=prebidbidisrequired&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=375&event=init_embed&thread=9732243932&forum=theme-daddy&forum_id=4314102&imp=8fnrrss19ucl3f&thread_slug=shopping_website_in_php_with_source_code_04&user_type=anon&referrer=https%3A%2F%2Fnowdemy.blogspot.com%2F&theme=next&dnt=1&tracking_enabled=0&experiment=prebidbidisrequired&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Cross-Origin-Resource-Policy: cross-origin
GET facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fcss%2Fstyle.css&l=2311&fd=515
200 OK 0 B URL GET HTTP/1.1 facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fcss%2Fstyle.css&l=2311&fd=515
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fcss%2Fstyle.css&l=2311&fd=515 HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Cookie: u_pl=18471042; uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET facilitypestilent.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 facilitypestilent.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Cookie: u_pl=18471042; uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Nov 2023 02:02:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET referrer.disqus.com/juggler/event.js?experiment=prebidbidisrequired&variant=active&page_referrer=direct&product=embed&thread=9732243932&thread_id=9732243932&forum=theme-daddy&forum_id=4314102&zone=thread&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22light%22%2C%22anchor_color%22%3A%22rgb(37%2C161%2C134)%22%2C%22typeface%22%3A%22serif%22%2C%22width%22%3A266%7D&event=activity&imp=8fnrrss19ucl3f§ion=default&area=n%2Fa
200 OK 40 B URL GET HTTP/1.1 referrer.disqus.com/juggler/event.js?experiment=prebidbidisrequired&variant=active&page_referrer=direct&product=embed&thread=9732243932&thread_id=9732243932&forum=theme-daddy&forum_id=4314102&zone=thread&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22light%22%2C%22anchor_color%22%3A%22rgb(37%2C161%2C134)%22%2C%22typeface%22%3A%22serif%22%2C%22width%22%3A266%7D&event=activity&imp=8fnrrss19ucl3f§ion=default&area=n%2Fa
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
Hash 3f4a0f64733b8c0d50626043fd7886d6
b8a40d3642deca1cc0ea8648ddbfa3bfb0fc8a1e
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
GET /juggler/event.js?experiment=prebidbidisrequired&variant=active&page_referrer=direct&product=embed&thread=9732243932&thread_id=9732243932&forum=theme-daddy&forum_id=4314102&zone=thread&page_url=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22light%22%2C%22anchor_color%22%3A%22rgb(37%2C161%2C134)%22%2C%22typeface%22%3A%22serif%22%2C%22width%22%3A266%7D&event=activity&imp=8fnrrss19ucl3f§ion=default&area=n%2Fa HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Server: nginx
Content-Type: application/javascript
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Cross-Origin-Resource-Policy: cross-origin
transfer-encoding: chunked
GET referrer.disqus.com/juggler/stat.gif?event=failed_recommendations.server.undefined
200 OK 43 B URL GET HTTP/1.1 referrer.disqus.com/juggler/stat.gif?event=failed_recommendations.server.undefined
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/stat.gif?event=failed_recommendations.server.undefined HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Nov 2023 02:02:03 GMT
Cross-Origin-Resource-Policy: cross-origin
GET pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
200 OK 12 kB URL GET HTTP/3 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
File type JSON data\012- , ASCII text, with very long lines (16106), with no line terminators
Hash e070283944137850f5c9ebfd2b0c18f1
86802f2b5201163879340a1128cd69c14dbef66a
3cfb52dc3874a6b1cf1b2e8e17c0dea985b39a2d38187adc3ce290fdaf25910e
GET /getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 05 Nov 2023 02:02:03 GMT
server: cafe
content-length: 12155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL GET HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
FingerprintB5:FE:85:38:7B:87:81:A3:BC:C0:81:1B:57:17:C4:8D:FC:4B:61:2E
ValidityMon, 16 Oct 2023 08:09:55 GMT - Mon, 08 Jan 2024 08:09:54 GMT
File type ASCII text, with very long lines (1321)
Hash 2cc87e9764aebcbbf36ff2061e6a2793
b4f2ffdf4c695aa79f0e63651c18a88729c2407b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 05 Nov 2023 02:02:04 GMT
expires: Sun, 05 Nov 2023 02:02:04 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr
200 OK 1.1 kB URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type gzip compressed data\012- data
Hash 591b7b7c3f4d6feee58f6cbf37cdc0b0
b70a081e4b5020daaaaae91f286258d08b6af590
80a5eaf248339be53d7a0e298649200d17aff02c2cb03e62654f1183a6fb2ff9
GET /recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sun, 05 Nov 2023 02:02:02 GMT
date: Sun, 05 Nov 2023 02:02:02 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL GET HTTP/3 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash 1d3d22df067f5219073f9c0fabb74fdd
d5c226022639323d93946df3571404116041e588
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 22:40:10 GMT
expires: Sat, 02 Nov 2024 22:40:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 98514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=4221038554380165&rc=null
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=4221038554380165&rc=null
IP
Requested by https://www.google.com/recaptcha/api2/aframe
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=4221038554380165&rc=null HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Nov 2023 02:02:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
15 kB URL pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
File type ASCII text, with very long lines (38356)
Hash ffbc076f809d5b38a52e9a290665b9bd
3d89c8ef623b70e0cb67e0ad84234ffe473b43fb
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
GET /bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 21:59:53 GMT
expires: Sat, 02 Nov 2024 21:59:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 100931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
0 B URL tpc.googlesyndication.com/generate_204?TNzFLQ
IP
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
FingerprintB5:FE:85:38:7B:87:81:A3:BC:C0:81:1B:57:17:C4:8D:FC:4B:61:2E
ValidityMon, 16 Oct 2023 08:09:55 GMT - Mon, 08 Jan 2024 08:09:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?TNzFLQ HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 02:02:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET unseenreport.com/pxf.gif?uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=1ae1bd4c7751ee171f884f86505662a5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=1ae1bd4c7751ee171f884f86505662a5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=fdef56d2-624e-40ca-b7b5-46b1a376975b&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=1ae1bd4c7751ee171f884f86505662a5&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 939c2001d302a524b5346583a81e825c
Strict-Transport-Security: max-age=0; includeSubdomains
POST csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~loktvdz0&c=4221038554380165&e=44759876%2C44759927%2C31078020%2C31079192%2C31079266%2C31079438%2C44795921%2C44807048%2C44807336%2C44807454%2C31078301%2C31079355%2C31061691%2C31061692&ctx=1&met.3=1001.15l__1~164.15p_1~165.15j_7~166.14v_10~1032.1ct~326.1cx_2~832.1d1~868.1d1_1~216.1ct_9~215.1ct_9~843.1cs_a~889.1dq~639.1dz~112.1f1_1~629.1kp_1~113.5a1_1&met.1=1.loktvcjz~6.j~7.m~8.n~9.n~10.30~11.y~12.30~13.qb~14.t6~15.wn~16.34n~17.34r~18.34z~19.59s~20.59s~21.59y~23.105
204 No Content 0 B URL POST HTTP/2 csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~loktvdz0&c=4221038554380165&e=44759876%2C44759927%2C31078020%2C31079192%2C31079266%2C31079438%2C44795921%2C44807048%2C44807336%2C44807454%2C31078301%2C31079355%2C31061691%2C31061692&ctx=1&met.3=1001.15l__1~164.15p_1~165.15j_7~166.14v_10~1032.1ct~326.1cx_2~832.1d1~868.1d1_1~216.1ct_9~215.1ct_9~843.1cs_a~889.1dq~639.1dz~112.1f1_1~629.1kp_1~113.5a1_1&met.1=1.loktvcjz~6.j~7.m~8.n~9.n~10.30~11.y~12.30~13.qb~14.t6~15.wn~16.34n~17.34r~18.34z~19.59s~20.59s~21.59y~23.105
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~loktvdz0&c=4221038554380165&e=44759876%2C44759927%2C31078020%2C31079192%2C31079266%2C31079438%2C44795921%2C44807048%2C44807336%2C44807454%2C31078301%2C31079355%2C31061691%2C31061692&ctx=1&met.3=1001.15l__1~164.15p_1~165.15j_7~166.14v_10~1032.1ct~326.1cx_2~832.1d1~868.1d1_1~216.1ct_9~215.1ct_9~843.1cs_a~889.1dq~639.1dz~112.1f1_1~629.1kp_1~113.5a1_1&met.1=1.loktvcjz~6.j~7.m~8.n~9.n~10.30~11.y~12.30~13.qb~14.t6~15.wn~16.34n~17.34r~18.34z~19.59s~20.59s~21.59y~23.105 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sun, 05 Nov 2023 02:02:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
POST www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1699149724962
Content-Type: application/json
X-Goog-Visitor-Id: CgtKYXg0clJiUFQ5NCiY75uqBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231031.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1699149721090&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C531%2C317&vis=1&wgl=true&ca_type=image
Content-Length: 16067
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 05 Nov 2023 02:02:04 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+628; expires=Tue, 04-Nov-2025 02:02:04 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 02:02:04 GMT
cache-control: private
GET pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=4221038554380165&bg=!qaqlquXNAAb4oU7C2KE7ADQBe5WfOKOezq8Cm5WqElnWUGgpophI4jvJfmssfJo5XNXW82Aqz6E44AOZZ3AttcL_pCsHAgAAAR9SAAAAEmgBB5kCiaURhsLlPQW2qKw_Ak0dkxJt8OfT2NAmOD_UmVvGGUfBiCdPuDPcxzeLimnHap5-M7dmLv0f-48AfjXuNP6Xl4ltV1vTRDXtIk0ScV8ozPJCVGR62NaDq4LIxcpVPXvp1gYGYzlKWYfhMRFSrwP-NS0TFPfpvPwqlU095O-gsm-goLNfJeTUpEf14KHM8TCrEdnjPmwgsDFygX1VLk2apimtHNwjXWCGrE0f4Cm1NynyvwSI4KowEarYvTzzwscf8Ey6J3cn_EOzVuo4mSFTXK8Eew5h2hjBc-uJsfmguDSoR-zHlsnkF1y_UqWuGZWiV7Yirn_g0nHC5soxWkXqSWSU9agZSKbDe2NIdCvgb4Ut7Jg5GN8rUAdnpwXWE6P_Byr0g9YgVOOj_FvGQZfUiWGsdALfqM-EPNYv4KG8SAmWSgvH5yclWxBOSIRiTqiuhvnNDdBGevAa4ndYLE_DZMeZ5D34dfAn6sEzl3yodLbrOenlWa2D1b8_G0EoSW9DkDUFJn488ypQFK-AXIAwDYFYGWnE4pn84u7QnQVZegaFXw0QIGNA0j4I-XpRJsp-CRK5DdAbhb4yhU7rzXL_UidZFHopZzZcvBgZNzKDJa2rPkdQar0oF1x0yGkUjb4XkXx3IjMF6y4kjiOQRaPfpl0yDzcOGOKjHpd8nWBvxM3j2lr-uhN0GyH5CRfL7r6OLRHbBt3DFQak5-NVWliVwXWauB0ewaQNBvyI0y_0L-HHlqaVU3h-2EwgIEUnutkNF5EMGC14pH9z5fkuyNrJNnOGeyBE_Z77WlwPkRtgygXbuYdYB1qRwDJ8F9D1Kyw5kEYiUgrTH-iL6JBDtITAaTxNUpFI-Jg9PVU
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=4221038554380165&bg=!qaqlquXNAAb4oU7C2KE7ADQBe5WfOKOezq8Cm5WqElnWUGgpophI4jvJfmssfJo5XNXW82Aqz6E44AOZZ3AttcL_pCsHAgAAAR9SAAAAEmgBB5kCiaURhsLlPQW2qKw_Ak0dkxJt8OfT2NAmOD_UmVvGGUfBiCdPuDPcxzeLimnHap5-M7dmLv0f-48AfjXuNP6Xl4ltV1vTRDXtIk0ScV8ozPJCVGR62NaDq4LIxcpVPXvp1gYGYzlKWYfhMRFSrwP-NS0TFPfpvPwqlU095O-gsm-goLNfJeTUpEf14KHM8TCrEdnjPmwgsDFygX1VLk2apimtHNwjXWCGrE0f4Cm1NynyvwSI4KowEarYvTzzwscf8Ey6J3cn_EOzVuo4mSFTXK8Eew5h2hjBc-uJsfmguDSoR-zHlsnkF1y_UqWuGZWiV7Yirn_g0nHC5soxWkXqSWSU9agZSKbDe2NIdCvgb4Ut7Jg5GN8rUAdnpwXWE6P_Byr0g9YgVOOj_FvGQZfUiWGsdALfqM-EPNYv4KG8SAmWSgvH5yclWxBOSIRiTqiuhvnNDdBGevAa4ndYLE_DZMeZ5D34dfAn6sEzl3yodLbrOenlWa2D1b8_G0EoSW9DkDUFJn488ypQFK-AXIAwDYFYGWnE4pn84u7QnQVZegaFXw0QIGNA0j4I-XpRJsp-CRK5DdAbhb4yhU7rzXL_UidZFHopZzZcvBgZNzKDJa2rPkdQar0oF1x0yGkUjb4XkXx3IjMF6y4kjiOQRaPfpl0yDzcOGOKjHpd8nWBvxM3j2lr-uhN0GyH5CRfL7r6OLRHbBt3DFQak5-NVWliVwXWauB0ewaQNBvyI0y_0L-HHlqaVU3h-2EwgIEUnutkNF5EMGC14pH9z5fkuyNrJNnOGeyBE_Z77WlwPkRtgygXbuYdYB1qRwDJ8F9D1Kyw5kEYiUgrTH-iL6JBDtITAaTxNUpFI-Jg9PVU
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=4221038554380165&bg=!qaqlquXNAAb4oU7C2KE7ADQBe5WfOKOezq8Cm5WqElnWUGgpophI4jvJfmssfJo5XNXW82Aqz6E44AOZZ3AttcL_pCsHAgAAAR9SAAAAEmgBB5kCiaURhsLlPQW2qKw_Ak0dkxJt8OfT2NAmOD_UmVvGGUfBiCdPuDPcxzeLimnHap5-M7dmLv0f-48AfjXuNP6Xl4ltV1vTRDXtIk0ScV8ozPJCVGR62NaDq4LIxcpVPXvp1gYGYzlKWYfhMRFSrwP-NS0TFPfpvPwqlU095O-gsm-goLNfJeTUpEf14KHM8TCrEdnjPmwgsDFygX1VLk2apimtHNwjXWCGrE0f4Cm1NynyvwSI4KowEarYvTzzwscf8Ey6J3cn_EOzVuo4mSFTXK8Eew5h2hjBc-uJsfmguDSoR-zHlsnkF1y_UqWuGZWiV7Yirn_g0nHC5soxWkXqSWSU9agZSKbDe2NIdCvgb4Ut7Jg5GN8rUAdnpwXWE6P_Byr0g9YgVOOj_FvGQZfUiWGsdALfqM-EPNYv4KG8SAmWSgvH5yclWxBOSIRiTqiuhvnNDdBGevAa4ndYLE_DZMeZ5D34dfAn6sEzl3yodLbrOenlWa2D1b8_G0EoSW9DkDUFJn488ypQFK-AXIAwDYFYGWnE4pn84u7QnQVZegaFXw0QIGNA0j4I-XpRJsp-CRK5DdAbhb4yhU7rzXL_UidZFHopZzZcvBgZNzKDJa2rPkdQar0oF1x0yGkUjb4XkXx3IjMF6y4kjiOQRaPfpl0yDzcOGOKjHpd8nWBvxM3j2lr-uhN0GyH5CRfL7r6OLRHbBt3DFQak5-NVWliVwXWauB0ewaQNBvyI0y_0L-HHlqaVU3h-2EwgIEUnutkNF5EMGC14pH9z5fkuyNrJNnOGeyBE_Z77WlwPkRtgygXbuYdYB1qRwDJ8F9D1Kyw5kEYiUgrTH-iL6JBDtITAaTxNUpFI-Jg9PVU HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Nov 2023 02:02:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1699149742558
Content-Type: application/json
X-Goog-Visitor-Id: CgtKYXg0clJiUFQ5NCiX75uqBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231031.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1699149719568&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C567%2C318&vis=1&wgl=true&ca_type=image
Content-Length: 816
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 05 Nov 2023 02:02:22 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+620; expires=Tue, 04-Nov-2025 02:02:22 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 02:02:22 GMT
cache-control: private
POST www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/xys3h4TNXj0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1699149742566
Content-Type: application/json
X-Goog-Visitor-Id: CgtKYXg0clJiUFQ5NCiY75uqBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231031.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1699149721090&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C531%2C317&vis=1&wgl=true&ca_type=image
Content-Length: 817
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/xys3h4TNXj0
Cookie: YSC=L0jTVMueh-8; VISITOR_INFO1_LIVE=Jax4rRbPT94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 05 Nov 2023 02:02:22 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+265; expires=Tue, 04-Nov-2025 02:02:22 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 02:02:22 GMT
cache-control: private
GET www.google.com/recaptcha/api2/aframe
200 OK 829 B URL GET HTTP/3 www.google.com/recaptcha/api2/aframe
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (853), with no line terminators
Hash 27e563f15334834b8276c5868561a8a5
e21c3e1852cd6827316cd762cba00aa30df3cf0f
ef927b35b69af3bebad964c07b50c3fde75ea25f9eb9aaafa2addecfdba8723d
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 05 Nov 2023 02:02:04 GMT
date: Sun, 05 Nov 2023 02:02:04 GMT
cache-control: private, max-age=300
content-security-policy: script-src 'nonce-N3Vyx3Ejy6qR_ke2YLY8bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
200 OK 60 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k
IP
Requested by https://www.blogger.com/comment/frame/7379893993141487491?po=7528130194335840173&hl=en&skin=notable&blogspotRpcToken=5476085
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52015)
Hash baf715cb48a8c4d1a37b3c906a41731d
b0db6df2abc2242459dee699d8e68f6d1f3a58ac
77e392300a2ef234447d0a69e56c8487f2b69e002b290f4fa173aa7cf2571a0a
GET /recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=k9bc3ad6nn6k HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Nov 2023 02:02:02 GMT
content-security-policy: script-src 'nonce-FKG8LUdpwA1mZAueYXe_5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET lh3.googleusercontent.com/blogger_img_proxy/ALY8t1uJFjsmMHDVRG7oDPwhJiyHVuNRa7ZejkXKjkHpXnR_nqckfkoNX5so1jxMoBdMeD6nWIj--fm4TqHyiVVZaeGnwm5VAZoqG9VMsZekIUIPSskS=w256-h256-n-k-no-nu
200 OK 26 kB URL GET HTTP/3 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1uJFjsmMHDVRG7oDPwhJiyHVuNRa7ZejkXKjkHpXnR_nqckfkoNX5so1jxMoBdMeD6nWIj--fm4TqHyiVVZaeGnwm5VAZoqG9VMsZekIUIPSskS=w256-h256-n-k-no-nu
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintCB:BB:D8:FC:60:AA:94:8F:47:5C:88:BB:C3:30:22:92:26:D3:85:2F
ValidityMon, 16 Oct 2023 08:09:46 GMT - Mon, 08 Jan 2024 08:09:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 4c42b0dd8c7d5dfdb6ea08f3499b9138
ea0c9f4beddded67db003cf0646e5fec8423cdae
fe2a15ff3ea79c9722e0446795c382fe6f8c16cb656cd9ab984e78c38e3e6974
GET /blogger_img_proxy/ALY8t1uJFjsmMHDVRG7oDPwhJiyHVuNRa7ZejkXKjkHpXnR_nqckfkoNX5so1jxMoBdMeD6nWIj--fm4TqHyiVVZaeGnwm5VAZoqG9VMsZekIUIPSskS=w256-h256-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Mon, 06 Nov 2023 02:02:01 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sun, 05 Nov 2023 02:02:01 GMT
server: fife
content-length: 25729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png
200 OK 45 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash dbde2854f2a693ab43a1ee72cdf0c686
820bc6fb6d40db1cdc8b9a214d4a8b1138f2e3fa
aa648c4116a815deb4a006ed29f17342ccdb8c0d2ca863b54aa2517e1ed88641
GET /cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Nov 2023 02:02:01 GMT
content-type: image/png
content-length: 45371
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:13:41 GMT
etag: "61080ba5-b13b"
expires: Tue, 07 Nov 2023 02:02:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default
200 OK 6.7 kB URL GET HTTP/1.1 disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7211), with no line terminators
Hash 0817cc205eb56b53c1ad663addec87c4
3f553501f0a8872a1e091efdaa71e6ce4d399330
5f54b1a61106b45f17c81e662cfb8f864edb472cda91947fd0456a46110a9a8c
GET /embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2845
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 09 Jul 2023 17:58:22 GMT
ETag: W/"lounge:view:9732243932.a100ad1338140ea66eeb58accadeadf8.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code
200 OK 5.6 kB URL GET HTTP/1.1 disqus.com/recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerSectigo Limited
Subject*.disqus.com
FingerprintB7:D2:67:1F:60:9E:37:2D:5A:10:2F:B0:70:75:32:44:91:61:67:D5
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6048), with no line terminators
Hash 0c11995014153667ab08a7d8ef12404c
52e8f95b995d5cf5261f528946aa43073a9c164f
99fcf9f96796e4399d7166a640533229c5015558f11f9dd4c32dfa3f230ce8a0
GET /recommendations/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2375
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 09 Jul 2023 17:58:22 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 05 Nov 2023 02:02:02 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
200 OK 605 B URL GET HTTP/2 c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (622), with no line terminators
Hash 42f720cd9165933c2acbbc45faf69988
dec0b27e319d96382bf20d7ac9b4e04634e4db25
a991dd9d67b9d20c51c34da2d5984bccd9dda2fa546ce6b1c665fb7a0aae7131
GET /next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 605
date: Thu, 14 Sep 2023 03:57:58 GMT
server: nginx
last-modified: Wed, 13 Sep 2023 20:48:30 GMT
etag: "6502201e-25d"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 13 Sep 2024 03:57:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xg-uyQA1i14HJXJQxY04fZfYnU4uVlj03jGUVKOO3i_RRaZmSNRJxg==
age: 4485845
X-Firefox-Spdy: h2
GET facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fjs%2Fscript.js&l=385&fd=563
200 OK 0 B URL GET HTTP/1.1 facilitypestilent.com/pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fjs%2Fscript.js&l=385&fd=563
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerLet's Encrypt
Subjectfacilitypestilent.com
Fingerprint42:46:45:8C:52:C9:7F:D5:30:8D:B2:FD:C3:91:45:A7:62:B7:DE:B4
ValiditySat, 23 Sep 2023 00:45:55 GMT - Fri, 22 Dec 2023 00:45:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=23.43.3723&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F1%2Fjs%2Fscript.js&l=385&fd=563 HTTP/1.1
Host: facilitypestilent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Cookie: u_pl=18471042; uid_id2=fdef56d2-624e-40ca-b7b5-46b1a376975b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Nov 2023 02:02:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
POST links.services.disqus.com/api/ping
403 Forbidden 979 B URL POST HTTP/1.1 links.services.disqus.com/api/ping
IP
Requested by https://nowdemy.blogspot.com/2023/02/shopping-website-in-php-with-source-code.html?m=1
Certificate IssuerGlobalSign nv-sa
Subject*.services.disqus.com
Fingerprint50:A1:DE:0D:FF:87:C9:55:D3:07:CE:35:8A:C5:E9:9D:3F:9E:78:9E
ValidityTue, 08 Aug 2023 17:50:10 GMT - Sun, 08 Sep 2024 17:50:09 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (987), with no line terminators
Hash 2df556cb1fd6339b916160adf8e81155
1398610c32f0392ed80534657d54514d52eef016
8db9479a78ddca61302150f6b2fef8321ecdd9fa99c45d0440d7273fcd7411f5
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 201
Origin: https://nowdemy.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://nowdemy.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Connection: keep-alive
Content-Length: 979
Content-Language: en
Content-Type: text/html;charset=utf-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Server: Apache-Coyote/1.1
Date: Sun, 05 Nov 2023 02:02:04 GMT
GET c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
200 OK 7.9 kB URL GET HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP
Requested by https://disqus.com/embed/comments/?base=default&f=theme-daddy&t_u=https%3A%2F%2Fnowdemy.blogspot.com%2F2023%2F02%2Fshopping-website-in-php-with-source-code.html%3Fm%3D1&t_d=Shopping%20Website%20in%20PHP%20With%20Source%20Code&t_t=Shopping%20Website%20in%20PHP%20With%20Source%20Code&s_o=default#version=685fe71837a5e31e62ed92d8c3551184
Certificate IssuerAmazon
Subjecta.disquscdn.com
FingerprintB0:90:A7:25:E8:69:E1:D2:10:DF:D4:36:AC:0F:B1:B6:2D:91:C4:FB
ValidityThu, 31 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
DNT: 1
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Thu, 21 Sep 2023 06:34:17 GMT
server: nginx
last-modified: Wed, 20 Sep 2023 10:55:06 GMT
etag: "650acf8a-1edc"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 20 Sep 2024 06:34:17 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6Ebu5388G6g9mmB8v4Qsnbhd94R8xyQlRVeeTB7fFoBTvtiVIA0mbg==
age: 3871665
X-Firefox-Spdy: h2
172.217.21.161
3.122.74.31
0.0.0.0